Security Affairs

SEPTEMBER 2, 2023

The attacks targeted IT service desk staff to trick them into resetting all multi-factor authentication (MFA) factors enrolled by highly privileged users. The attackers were spotted using anonymizing proxy services and an IP and device not previously associated with the user account to access the compromised account.

Social Engineering 135

Social Engineering Engineering Authentication Accountability 135

Security Affairs

NOVEMBER 14, 2023

VMware disclosed a critical bypass vulnerability in VMware Cloud Director Appliance that can be exploited to bypass login restrictions when authenticating on certain ports. “VMware Cloud Director Appliance contains an authentication bypass vulnerability in case VMware Cloud Director Appliance was upgraded to 10.5

Authentication 120

Authentication Hacking Information Security 120

The Hacker News

NOVEMBER 3, 2023

Identity and authentication management provider Okta on Friday disclosed that the recent support case management system breach affected 134 of its 18,400 customers.

Data breaches 110

Data breaches Authentication 110

Security Affairs

MARCH 11, 2024

Researchers released technical specifics and a PoC exploit for a recently disclosed flaw in Progress Software OpenEdge Authentication Gateway and AdminServer. ” The vulnerability CVE-2024-1403 (CVSS score 10) is an authentication bypass issue that impacts OpenEdge versions 11.7.18 If a match occurs, authentication is granted.

Software 122

Software Authentication Passwords Engineering 122

Security Affairs

JANUARY 16, 2024

VMware Aria Automation (formerly vRealize Automation ) is a modern cloud automation platform that simplifies and streamlines the deployment, management, and governance of cloud infrastructure and applications. “Aria Automation contains a Missing Access Control vulnerability.” ” reads the advisory.

Authentication 121

Authentication Government Hacking Information Security 121

NetSpi Technical

MARCH 28, 2024

NetSPI discovered a cleartext Azure Access Token for a privileged Managed Identity. This prompted further investigation in which we were able to determine that the vulnerability was caused by the Microsoft-managed Azure Site Recovery service. Requirements The Azure Site Recovery service is not enabled by default.

Penetration Testing 95

Penetration Testing Accountability Authentication 95

Malwarebytes

MARCH 19, 2024

A 42-year-old manager at an unnamed telecommunications company has admitted SIM swapping customers at his store. For that reason, SIM swapping can be used to get around two-factor authentication (2FA) codes sent by SMS message. In May 2021, Jonathan Katz, aka “Luna” was employed as a manager at a telecoms store.

Social Engineering 137

Social Engineering Computers and Electronics Mobile Identity Theft 137

Malwarebytes

JANUARY 11, 2024

Hackers have found a way to gain unauthorized access to Google accounts, bypassing any multi-factor authentication (MFA) the user may have set up. To do this they steal authentication cookies and then extend their lifespan. On the Your devices panel, select Manage all devices. Go to your Google Account.

Accountability 145

Accountability Authentication Passwords Malware 145

Security Affairs

APRIL 18, 2024

Cisco has addressed a high-severity vulnerability in its Integrated Management Controller (IMC) for which publicly available exploit code exists. Cisco has addressed a high-severity Integrated Management Controller (IMC) vulnerability and is aware of a public exploit code for this issue.

Authentication 120

Authentication Hacking Information Security 120

Penetration Testing

MARCH 5, 2024

HashiCorp’s Vault, a popular tool for securely managing sensitive data, contains a vulnerability (CVE-2024-2048, CVSS 8.1) that could allow attackers to bypass authentication and gain unauthorized access to your organization’s most valuable secrets.

Penetration Testing 97

Penetration Testing Risk Authentication 97

Security Affairs

FEBRUARY 21, 2024

VMware urges customers to uninstall the deprecated Enhanced Authentication Plugin (EAP) after the disclosure of a critical flaw CVE-2024-22245. VMware is urging users to uninstall the deprecated Enhanced Authentication Plugin (EAP) after the discovery of an arbitrary authentication relay flaw CVE-2024-22245 (CVSS score: 9.6).

Authentication 126

Authentication Ransomware Software Information Security 126

Duo's Security Blog

NOVEMBER 29, 2023

Epic is one of the leading software providers for systems that manage electronic healthcare records (EHR). Epic’s new flagship EPCS healthcare management mobile apps Haiku and Canto integrate with Cisco Duo to provide multi-factor authentication (MFA). More than 250 million patients have a current electronic record in Epic.”

Mobile 117

Mobile Healthcare Authentication Passwords 117

The Hacker News

JANUARY 16, 2024

The flaws are listed below - CVE-2023-6548 (CVSS score: 5.5) - Authenticated (low privileged) remote code execution on Management Interface (requires access to NSIP, CLIP, or SNIP with management

Authentication 102

Authentication 102

Security Boulevard

FEBRUARY 18, 2024

Data encryption is a fundamental security measure that should be implemented to safeguard information from unauthorized access. Additionally, the use of encryption keys must be carefully managed, with keys securely stored and access strictly controlled.

Encryption 127

Encryption Authentication Insurance Risk 127

Bleeping Computer

SEPTEMBER 4, 2023

Identity and access management company Okta released a warning about social engineering attacks targeting IT service desk agents at U.S.-based based customers in an attempt to trick them into resetting multi-factor authentication (MFA) for high-privileged users. [.]

Social Engineering 128

Social Engineering Engineering Authentication 128

Penetration Testing

FEBRUARY 16, 2024

Security researchers have uncovered a dangerous cluster of vulnerabilities affecting the popular SolarWinds Access Rights Manager (ARM) software.

Authentication 111

Authentication Penetration Testing Software 111

Security Affairs

NOVEMBER 29, 2023

Cloud identity and access management solutions provider Okta revealed additional threat actor activity linked to the October 2023 breach. HAR files can also contain sensitive data, including authentication information. HAR files can also contain sensitive data, including authentication information.

Social Engineering 115

Social Engineering Authentication Engineering Accountability 115

Security Affairs

NOVEMBER 3, 2023

Threat actors who breached the Okta customer support system also gained access to files belonging to 134 customers. Threat actors who breached the Okta customer support system in October gained access to files belonging to 134 customers, the company revealed. ” reads the post published by the company. ” continues the post.

Data breaches 129

Data breaches Social Engineering Accountability Authentication 129

Security Boulevard

APRIL 24, 2024

Active Directory (AD) is the backbone of most organizations’ networks, managing access and authentication for users, devices and applications. While AD provides both users and administrators with central services, its security has not kept pace with growing modern security risks.

Authentication 62

Authentication Risk 62

Security Boulevard

MARCH 26, 2024

Managing secrets involves securely orchestrating a variety of digital authentication credentials, crucial for safeguarding access to applications, services, and critical systems. The post What is Managing Secrets? appeared first on Akeyless. appeared first on Security Boulevard.

Authentication 67

Authentication Passwords 67

Security Affairs

JANUARY 29, 2024

A flaw in Microsoft Outlook can be exploited to access NTLM v2 hashed passwords by tricking users into opening a specially crafted file. The vulnerability CVE-2023-35636 impacting Microsoft Outlook is a Microsoft Outlook information disclosure issue that could be exploited by threat actors to access NT LAN Manager (NTLM) v2 hashed passwords.

Passwords 122

Passwords Authentication Hacking Accountability 122

Duo's Security Blog

JANUARY 29, 2024

The attack methods included a mixture of passcode phishing and push harassment, with the intent to access university VPNs or register a malicious authentication device on one or more user accounts for continued access. How did Duo investigate and respond?

Education 119

Education Authentication Passwords Phishing 119

Malwarebytes

FEBRUARY 19, 2024

An attacker managed to compromise network administrator credentials through the account of a former employee of the organization. But the account still had access with administrative privileges to two virtualized servers including SharePoint and the workstation. Use phishing-resistant multifactor authentication (MFA).

Accountability 75

Accountability VPN Authentication Phishing 75

Security Affairs

JANUARY 18, 2024

CVE-2024-0519 – Google Chromium V8 Out-of-Bounds Memory Access Vulnerability. Citrix NetScaler ADC and NetScaler Gateway contain a code injection vulnerability that allows for authenticated remote code execution on the management interface with access to NSIP, CLIP, or SNIP.

Authentication 122

Authentication VPN Software Engineering 122

Malwarebytes

APRIL 3, 2024

In January we reported how hackers found a way to gain unauthorized access to Google accounts, bypassing multi-factor authentication (MFA) , by stealing authentication cookies with info-stealer malware. An authentication cookie is added to a web browser after a user proves who they are by logging in.

Authentication 109

Authentication Passwords Malware Accountability 109

CSO Magazine

JANUARY 4, 2023

Every business needs a secure way to collect, manage, and authenticate passwords. Storing passwords in the browser and sending one-time access codes by SMS or authenticator apps can be bypassed by phishing. Unfortunately, no method is foolproof.

Authentication 129

Authentication Password Management Backups Passwords 129

Security Affairs

OCTOBER 21, 2023

Okta revealed that threat actors breached its support case management system and stole sensitive data that can be used in future attacks. HAR files can also contain sensitive data, including authentication information. The attackers gained access to files uploaded by certain Okta customers as part of some recent support cases.

Social Engineering 121

Social Engineering Data breaches Authentication VPN 121

Security Boulevard

JULY 10, 2023

Ensuring secure online access and transactions is critical in today's digital business environment. Public key infrastructure (PKI)  offers a globally accepted standard for implementing various security protocols and authentication mechanisms.  The good news is that you don't have to reinvent the wheel.

Authentication 98

Authentication Encryption VPN Technology 98

Thales Cloud Protection & Licensing

JANUARY 20, 2022

How to activate multifactor authentication everywhere. The impact of not having multifactor authentication (MFA) activated for all users is now well known by enterprises. The challenge of multifactor authentication everywhere. Variety of a user’s authentication journey…. Variety of a user’s authentication journey….

Authentication 143

Authentication Mobile Data breaches Marketing 143

Duo's Security Blog

JUNE 12, 2023

Before we can discuss passkeys, we need to lay some groundwork and discuss authentication, Passwordless and WebAuthn. What is authentication? Authentication is the process of verifying your online identity. This ensures the right people get access to the right online resources. What is passwordless?

Authentication 113

Authentication Passwords Password Management Phishing 113

Security Affairs

AUGUST 2, 2022

VMware patched a critical authentication bypass security flaw, tracked as CVE-2022-31656, impacting local domain users in multiple products. VMware has addressed a critical authentication bypass security flaw, tracked as CVE-2022-31656, impacting local domain users in multiple products. ” Manager (vIDM), and vRealize Automation.

Authentication 111

Authentication Hacking Information Security 111

Security Boulevard

MARCH 26, 2024

Many strictly regulated industries such as banking and finance rely heavily on identity and access management solutions to secure their systems and infrastructure. The post The Benefits of a Converged Identity Credential appeared first on Security Boulevard.

Authentication 70

Authentication Banking Phishing Ransomware 70

Thales Cloud Protection & Licensing

JUNE 8, 2023

Fine-grained Authorization: Protecting and controlling user access in a digital-first world madhav Fri, 06/09/2023 - 05:22 Strong and flexible customer authentication is a key driver for adopting a customer identity & access management (CIAM) solution, with customer experience and security being the apparent benefits.

Banking 87

Banking Healthcare Authentication Accountability 87

eSecurity Planet

DECEMBER 19, 2023

Organizations can rent infrastructure components like virtual machines, storage, and networking from IaaS providers rather than owning and managing actual servers and data centers. Escaping these boundaries could potentially allow unauthorized access to sensitive data and compromise the security of the entire infrastructure.

Encryption 95

Encryption Firewall Authentication Software 95

Malwarebytes

NOVEMBER 2, 2023

At Malwarebytes we’ve been telling people for years not to reuse passwords, and that a password manager is a secure way of remembering all the passwords you need for your online accounts. But we also know that a password manager can be overwhelming, especially when you’re just getting started. Encryption.

Passwords 138

Passwords Password Management Data breaches Authentication 138

eSecurity Planet

FEBRUARY 26, 2024

Urgent patching and prompt updates can protect systems from unauthorized access, data breaches, and potential exploitation by threat actors. The problem: CVE-2024-21410 allows remote attackers to carry out NTLM relay attacks on Microsoft Exchange Servers, providing them with privileged access.

Risk 106

Risk Authentication System Administration Ransomware 106

Security Boulevard

MARCH 27, 2023

Okta and Zoom today announced an integration through which cybersecurity administrators will be able to centrally manage end-to-end encryption across the Zoom videoconferencing platform.

Cybersecurity 109

Cybersecurity Encryption Authentication Social Engineering 109