eSecurity Planet

FEBRUARY 26, 2024

The fix: System administrators are encouraged to install the Exchange Server 2019 Cumulative Update 14 (CU14), which was issued in February 2024 and enabled NTLM credentials Relay Protection. The problem: CVE-2024-22245 and CVE-2024-22250 put Windows domains vulnerable to authentication relay and session hijack attacks.

Risk 116

Risk Authentication System Administration Ransomware 116

eSecurity Planet

JULY 15, 2024

The problem: Four unpatched security issues in Gogs, an open-source Git service, enable attackers to exploit three critical flaws ( CVE-2024-39930 , CVE-2024-39931 , CVE-2024-39932 ; CVSS: 9.9) However, exploitation requires authentication and specific configurations. and one high-severity vulnerability ( CVE-2024-39933 ; CVSS: 7.7).

Authentication 111

Authentication Backups Software Risk 111

eSecurity Planet

SEPTEMBER 11, 2023

Alarmingly, this API lacks any form of authentication, allowing virtually anyone, even a malicious website you might visit, to send commands to the CLI. They can be remotely exploited without authentication, potentially enabling remote code execution, service disruptions, and arbitrary operations on the routers. via port 8076.

VPN 116

VPN Authentication Firmware Phishing 116

eSecurity Planet

AUGUST 28, 2023

Some of these attacks are challenging to detect because they look like they could be the behavior of legitimate system administrators. OpenFire vulnerability persists Open-source chat server OpenFire has been affected by an authentication bypass vulnerability (CVE-2023-32315) since May.

VPN 98

VPN Authentication Mobile Firewall 98

eSecurity Planet

AUGUST 28, 2023

Some of these attacks are challenging to detect because they look like they could be the behavior of legitimate system administrators. OpenFire vulnerability persists Open-source chat server OpenFire has been affected by an authentication bypass vulnerability (CVE-2023-32315) since May.

VPN 95

VPN Authentication Mobile Firewall 95

eSecurity Planet

SEPTEMBER 16, 2024

Users should immediately update to the most recent versions by going to System Configuration > System Administration > Update Software. It’s strongly advised that you follow the company’s security hardening requirements to protect your systems further.

Software 110

Software Malware System Administration Encryption 110

eSecurity Planet

OCTOBER 17, 2023

User Authentication: In addition to checking VLAN IDs to ensure they match and are approved for that particular VLAN, many other user authentication methods are typically used to ensure devices and users are approved for that VLAN. Trunk: The trunk port forwards and facilitates VLAN-to-VLAN communication across multiple VLANs.

Authentication 110

Authentication Wireless Network Security Cybersecurity 110