Security Affairs

MAY 11, 2023

Industrial and IoT cybersecurity firm Claroty disclosed technical details of five vulnerabilities that be exploited to hack some Netgear router models. “Team82 disclosed five vulnerabilities in NETGEAR’s Nighthawk RAX30 routers as part of its research and participation in last December’s Pwn2Own Toronto hacking competition.”

Hacking 94

Hacking Firmware Authentication DNS 94

Security Affairs

JANUARY 21, 2023

Researchers warn of about 19,500 end-of-life Cisco VPN routers on the Internet that are exposed to the recently disclosed RCE exploit chain. The IT giant announced that these devices will receive no security updates to address the bug because they have reached end of life (EoL). reads the advisory published by the company.

Hacking 95

Hacking Small Business VPN Internet 95

Security Affairs

SEPTEMBER 25, 2023

Sonar’s Vulnerability Research Team discovered a critical security vulnerability, tracked as CVE-2023-42793 (CVSS score of 9.8), in TeamCity. The vulnerability is an authentication bypass issue affecting the on-premises version of TeamCity. ” According to Shodan, more than 3,000 on-premises servers are exposed to the Internet.

Hacking 114

Hacking Software Authentication Internet 114

Security Affairs

SEPTEMBER 9, 2021

Zoho urges customers to address an authentication bypass vulnerability in its ManageEngine ADSelfService Plus that is actively exploited in the wild. Zoho has released a security patch to address an authentication bypass vulnerability, tracked as CVE-2021-40539, in its ManageEngine ADSelfService Plus. Pierluigi Paganini.

Authentication 105

Authentication Password Management Passwords Internet 105

Security Affairs

SEPTEMBER 22, 2022

Threat actors targeted tens thousands of unauthenticated Redis servers exposed on the internet as part of a cryptocurrency campaign. The tool is not designed to be exposed on the Internet, however, researchers spotted tens thousands Redis instance publicly accessible without authentication. SecurityAffairs – hacking, mining).

Cryptocurrency 93

Cryptocurrency Internet Internet Hacking 93

SecureList

AUGUST 14, 2023

Another tactic, popular with scammers big and small, phishers included, is hacking websites and placing malicious content on those, rather than registering new domains. Besides tucking a phishing page inside the website they hack, scammers can steal all of the data on the server and completely disrupt the site’s operation.

Phishing 79

Phishing Hacking Banking Scams 79

The Last Watchdog

APRIL 4, 2022

They are often unaware of the risks they take on, which can include hacking, fraud, phishing, and more. SMBs and enterprises alike have been struggling with APIs as a mechanism for information security. The fact that there are so many different APIs is the main challenge for enterprises when it comes to API security.

Hacking 222

Hacking Penetration Testing Data breaches Authentication 222

Security Affairs

JULY 25, 2022

The now patched vulnerabilities are an authentication bypass issue tracked as CVE-2022-34907 and a hardcoded cryptographic key tracked as CVE-2022-34906. A remote attacker can trigger the vulnerabilities to bypass authentication and gain full control over the MDM platform and its managed devices. x, prior to 14.7.2. Pierluigi Paganini.

Hacking 89

Hacking Authentication Internet Internet 89

Security Affairs

JULY 26, 2023

Experts warn of a severe privilege escalation, tracked as CVE-2023-30799 , in MikroTik RouterOS that can be exploited to hack vulnerable devices. A remote and authenticated attacker can escalate privileges from admin to super-admin on the Winbox or HTTP interface.” “MikroTik RouterOS stable before 6.49.7

Hacking 93

Hacking Passwords Authentication Encryption 93

Security Affairs

JUNE 25, 2021

Fortinet has recently addressed a high-severity vulnerability ( CVE-2021-22123 ) affecting its FortiWeb web application firewall (WAF), a remote, authenticated attacker can exploit it to execute arbitrary commands via the SAML server configuration page. SecurityAffairs – hacking, ransomware). SecurityAffairs – hacking, ransomware).

Hacking 108

Hacking Firewall Authentication Technology 108

Security Affairs

MAY 29, 2024

By May 24, 2024 we identified a small number of login attempts using old VPN local-accounts relying on unrecommended password-only authentication method,” the company said. “We have recently witnessed compromised VPN solutions, including various cyber security vendors. ” reads an update to the initial advisory.

VPN 95

VPN Authentication Passwords Accountability 95

Security Affairs

AUGUST 27, 2021

Braun ‘s Infusomat Space Large Volume Pump and SpaceStation that could be remotely hacked. CVE-2021-33885 – Insufficient Verification of Data Authenticity (CVSS 9.7) CVE-2021-33882 – Missing Authentication for Critical Function (CVSS 8.2) CVE-2021-33883 – Cleartext Transmission of Sensitive Information (CVSS 7.1)

Hacking 103

Hacking Authentication Internet Internet 103

Security Affairs

MAY 20, 2024

Two students discovered a security flaw in over a million internet-connected laundry machines that could allow laundry for free. They manage and operate many internet-connected laundry machines and systems, offering services such as coin and card-operated laundry machines, mobile payment solutions, and maintenance support.

Mobile 120

Mobile Internet Internet Accountability 120

Security Affairs

NOVEMBER 15, 2020

million Pluto TV user accounts on a hacking forum for free, he claims they were stolen by ShinyHunters threat actor. million Pluto TV user records, he also added that the service was hacked by ShinyHunters. SecurityAffairs – hacking, ShinyHunters). SecurityAffairs – hacking, ShinyHunters). A hacker has shared 3.2

Accountability 94

Accountability Hacking Data breaches Passwords 94

Security Affairs

AUGUST 13, 2023

Multiple vulnerabilities in CyberPower PowerPanel Enterprise DCIM platform and Dataprobe PDU could expose data centers to hacking. CVE-2023-3266: Improperly Implemented Security Check for Standard (Auth Bypass; CVSS 7.5) CVE-2023-3267: OS Command Injection (Authenticated RCE; CVSS 7.5)

Hacking 84

Hacking Firmware Authentication Software 84

Security Affairs

MAY 8, 2024

A critical Remote Code Execution vulnerability in the Tinyproxy service potentially impacted 50,000 Internet-Exposing hosts. The vulnerability impacts over 90,000 hosts that expose a Tinyproxy service on the internet. the code is only triggered after access list checks and authentication have succeeded. and Tinyproxy 1.10.0.

Internet 103

Internet Internet Authentication Passwords 103

Security Affairs

JANUARY 18, 2023

The vulnerabilities discovered in the Netcomm routers are a a stack based buffer overflow and an authentication bypass, respectively tracked as CVE-2022-4873 and CVE-2022-4874. CVE-2022-4874 – Authentication bypass in Netcomm router models NF20MESH, NF20, and NL1902 allows an unauthenticated user to access content.

Hacking 85

Hacking Authentication Software Internet 85

Security Affairs

JUNE 13, 2020

There seems to be a new stealer in town called #TroyStealer , targeting Portuguese internet users EXE: [link] Exfil email address: domionhuby@gmail.com Has anyone seen this threat before? /cc Finally, the malware validates there is a valid Internet connection through a speed test website. on Twitter, and targeting Portuguese users.

Internet 106

Internet Internet Malware Banking 106

Security Affairs

DECEMBER 19, 2023

The vulnerability was discovered by security researchers at Positive Technologies and disclosed to Citrix in October 10, 2023. Security firm Mandiant observed threat actors hijacking sessions where session data was stolen before the patch deployment and subsequently used by the threat actor.

Authentication 103

Authentication Data breaches Passwords Internet 103

Security Affairs

MARCH 10, 2024

Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp Cybercrime BlackCat Ransomware Affiliate TTPs American Express credit cards EXPOSED in third-party vendor data breach – account numbers and names among details accessed in hack LockBit 3.0’S

Spyware 84

Spyware Data breaches Hacking Ransomware 84

Security Affairs

FEBRUARY 27, 2020

Experts warn that hackers are actively scanning the Internet for Microsoft Exchange Servers vulnerable in the attempt to exploit the CVE-2020-0688 RCE. Hackers are actively scanning the Internet for Microsoft Exchange Servers affected by the CVE-2020-0688 remote code execution flaw. ” reads the advisory published by Microsoft.

Internet 91

Internet Internet Authentication Advertising 91

Security Affairs

JULY 8, 2021

Critical) Update available CVE-2020-7387 CWE-200 : Exposure of Sensitive Information to an Unauthorized Actor in AdxAdmin 5.3 Medium) Update available CVE-2020-7389 CWE-306 Missing Authentication for Critical Function in Developer Environment in Syracuse 5.5 SecurityAffairs – hacking, SAGE). Pierluigi Paganini.

Hacking 105

Hacking Authentication VPN Software 105

Security Affairs

NOVEMBER 24, 2023

Almost a million files with minors’ data, including home addresses and photos were left open to anyone on the internet, posing a threat to children. The DigitalOcean storage bucket, containing almost a million sensitive files, was left open to anyone without requiring authentication.

Identity Theft 105

Identity Theft Internet Internet Education 105

Security Affairs

MARCH 30, 2024

The German Federal Office for Information Security (BSI) warned of thousands of Microsoft Exchange servers in the country vulnerable to critical flaws. “Around 45,000 Microsoft Exchange servers in Germany can currently be accessed from the Internet without restrictions. ” reads the alert published by the BSI.

Information Security 105

Information Security Internet Internet Healthcare 105

Security Affairs

JUNE 7, 2023

Clop ransomware group claims to have hacked hundreds of companies globally by exploiting MOVEit Transfer vulnerability. MOVEit Transfer is a managed file transfer that is used by enterprises to securely transfer files using SFTP, SCP, and HTTP-based uploads. ” reads the advisory published by the company. reported Rapid7.

Hacking 75

Hacking Ransomware Retail Cyber Attacks 75

Security Affairs

MAY 1, 2024

A new malware named Cuttlefish targets enterprise-grade and small office/home office (SOHO) routers to harvest public cloud authentication data. Cuttlefish has a modular structure, it was designed to primarily steal authentication data from web requests passing through the router from the local area network (LAN).

Malware 98

Malware DNS Authentication Telecommunications 98

Security Affairs

FEBRUARY 19, 2020

Meanwhile, any hacker viewing the information will see random bits of text with no apparent meaning. Password Protection & Authentication. Apple’s iPhone X, for instance, uses a feature called Face ID, which scans your facial features with infrared sensors and turns that information into a password. About the author.

Artificial Intelligence 88

Artificial Intelligence Information Security Passwords Encryption 88

Security Affairs

JUNE 23, 2020

CLOP ransomware operators have allegedly hacked IndiaBulls Group , an Indian conglomerate headquartered in Gurgaon, India. CLOP ransomware operators have allegedly hacked the Indian conglomerate IndiaBulls Group , its primary businesses are housing finance, consumer finance, and wealth management. . Pierluigi Paganini.

Hacking 101

Hacking Ransomware Banking Mobile 101

Security Affairs

OCTOBER 31, 2023

Cisco is aware of active exploitation of a previously unknown vulnerability in the web UI feature of Cisco IOS XE Software when exposed to the internet or to untrusted networks.” Cisco recommends admins to disable the HTTP server feature on systems exposed on the Internet. reads the advisory published by the company.

Internet 122

Internet Internet Software Accountability 122

Security Affairs

APRIL 20, 2021

According to coordinated reports published by FireEye and Pulse Secure , two hacking groups have exploited a new zero-day vulnerability in Pulse Secure VPN equipment to break into the networks of US defense contractors and government organizations worldwide. ” reads the advisory published by Pulse Secure. .

VPN 111

VPN Hacking Authentication Government 111

Security Affairs

NOVEMBER 25, 2023

MagicLine4NX is a joint certificate program developed by Dream Security, a South Korean company. . “In March 2023, cyber actors used the software vulnerabilities of security authentication and network-linked systems in series to gain unauthorised access to the intranet of a target organisation.”

Software 103

Software Authentication Internet Internet 103

Security Affairs

JULY 18, 2020

Hackers have been scanning the Internet for SAP systems affected by RECON vulnerability, researchers from Bad Packets warn. Researchers from Bad Packets reported that threat actors have been scanning the Internet for SAP systems affected by RECON vulnerability , , tracked as CVE-2020-6287. Pierluigi Paganini. Pierluigi Paganini.

Internet 75

Internet Internet Advertising Accountability 75

Security Affairs

FEBRUARY 9, 2024

Ivanti warns customers of a new authentication bypass vulnerability in its Connect Secure, Policy Secure, and ZTA gateway devices. “An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, x), Ivanti Policy Secure (9.x, x), Ivanti Policy Secure (9.x,

Authentication 96

Authentication Software Internet Internet 96

Security Affairs

OCTOBER 17, 2023

Russia-linked APT group Sandworm has hacked eleven telecommunication service providers in Ukraine between since May 2023. Sandworm were observed targeting open ports and unprotected RDP or SSH interfaces to gain access to the internet-facing systems. ” reads the advisory published by the CERT-UA. “Note (!) .’

Telecommunications 101

Telecommunications Authentication Data collection Passwords 101

Security Affairs

MAY 2, 2024

They aim to exploit modular, internet-exposed Industrial Control Systems (ICS), targeting software components like human machine interfaces (HMIs). based water and wastewater systems (WWS) victims faced limited physical disruptions after attackers hacked into their Human Machine Interfaces (HMIs). In early 2024, several U.S.-based

Passwords 87

Passwords Internet Internet Software 87

Security Affairs

DECEMBER 14, 2022

The number of internet-facing cameras in the world is growing exponentially. Businesses and homeowners increasingly rely on internet protocol (IP) cameras for surveillance. New research by Cybernews shows an exponential rise in the uptake of internet-facing cameras. Surge in internet-facing cameras.

Surveillance 125

Surveillance Manufacturing Passwords Internet 125

Security Affairs

MARCH 12, 2024

“This vulnerability would require an authenticated attacker on a guest VM to send specially crafted file operation requests on the VM to hardware resources on the VM which could result in remote code execution on the host server.” The vulnerability CVE-2024-21407 is a Remote Code Execution issue in the Windows Hyper-V.

Internet 111

Internet Internet Authentication Hacking 111