2013 and Authentication - Cyber Security Informer

How to Lose a Fortune with Just One Bad Click

Krebs on Security

DECEMBER 18, 2024

Griffin said a follow-up investigation revealed the attackers had used his Gmail account to gain access to his Coinbase account from a VPN connection in California, providing the multi-factor code from his Google Authenticator app. Tony got into bitcoin back in 2013 and has been investing in it ever since.

Cryptocurrency

Cryptocurrency Accountability Authentication Phishing

OpenSSH bugs allows Man-in-the-Middle and DoS Attacks

Security Affairs

FEBRUARY 19, 2025

The second vulnerability, tracked CVE-2025-26466 (CVSS score: 5.9), affects both the OpenSSH client and server, allowing a pre-authentication denial-of-service attack. Introduced in December 2014 (OpenSSH 6.8p1), this flaw remained active, with FreeBSD enabling VerifyHostKeyDNS by default from 2013 to 2023, increasing exposure.

Authentication

Authentication System Administration DNS Hacking

The ticking time bomb of Microsoft Exchange Server 2013

DoublePulsar

DECEMBER 22, 2023

I’ve discovered two organisations with ransomware incidents, where the entry point appears to have been Exchange Server 2013 with Outlook Web Access enabled, where all available security updates were applied. But since there were a range of post authentication Exchange Server vulnerabilities this year ( link ), I doubt it is a zero day.

Ransomware

Ransomware Internet Internet Software

CISA Urges Exchange Online Authentication Update

eSecurity Planet

JUNE 30, 2022

CISA noted that Basic authentication is simple and pretty convenient but unsecured by design. And it’s incompatible with multi-factor authentication (MFA) systems , so admins might be discouraged from enabling it. or Microsoft Active Directory Authentication Library uses tokens that expire quickly and cannot be reused elsewhere.

Authentication

Authentication Government Passwords Cybersecurity

SHARED INTEL: Coming very soon — ‘passwordless authentication’ as a de facto security practice

The Last Watchdog

NOVEMBER 11, 2020

As a tradeoff for enjoying our digital lives, we’ve learned to live with password overload and even tolerate two-factor authentication. I had a chance to discuss this seminal transition with George Avetisov, co-founder and chief executive officer of HYPR , a Manhattan-based supplier of advanced authentication technologies.

Authentication

Authentication VPN Passwords Hacking

XE Group shifts from credit card skimming to exploiting zero-days

Security Affairs

FEBRUARY 10, 2025

Active since at least 2013 , XE Group is a cybercriminal group focused on credit card skimming and password theft via supply chain attacks. CVE-2024-57968 allows remote authenticated users to upload files to unintended folders, while CVE-2025-25181 is an SQL injection flaw enabling remote SQL execution (no patch available).

Manufacturing

Manufacturing Cybercrime Authentication Passwords

On world password day, Microsoft says fewer passwords, more passkeys

Malwarebytes

MAY 2, 2025

In 2013, Intel introduced World Password Day to remind people of the importance of strong passwords. The alternative: passkeys Passkeys are an alternative, more modern authentication method designed to replace passwords with a safer, simpler alternative. The authentication process is as simple as unlocking your device.

Passwords

Passwords Password Management Authentication Accountability

Hacked Data Broker Accounts Fueled Phony COVID Loans, Unemployment Claims

Krebs on Security

AUGUST 6, 2020

Dubner said all customers are required to use multi-factor authentication, and that everyone applying for access to its services undergoes a rigorous vetting process. In 2013, KrebsOnSecurity broke the news that the U.S. Also in 2013, KrebsOnSecurity broke the news that ssndob[.]ms

Accountability

Accountability Identity Theft Hacking Insurance

It’s Still Easy for Anyone to Become You at Experian

Krebs on Security

NOVEMBER 11, 2023

I immediately suspected that Experian was still allowing anyone to recreate their credit file account using the same personal information but a different email address, a major authentication failure that was explored in last year’s story, Experian, You Have Some Explaining to Do. 9, 2022 and Dec.

Accountability

Accountability Authentication Passwords Identity Theft

Microsoft Patch Tuesday, February 2022 Edition

Krebs on Security

FEBRUARY 8, 2022

Among those is CVE-2022-22005 , a weakness in Microsoft’s Sharepoint Server versions 2013-2019 that could be exploited by any authenticated user. “However, given the number of stolen credentials readily available on underground markets, getting authenticated could be trivial. .

Authentication

Authentication Internet Internet System Administration

Microsoft: Chinese Cyberspies Used 4 Exchange Server Flaws to Plunder Emails

Krebs on Security

MARCH 2, 2021

The patches released today fix security problems in Microsoft Exchange Server 2013 , 2016 and 2019. The software giant typically releases security updates on the second Tuesday of each month, but it occasionally deviates from that schedule when addressing active attacks that target newly identified and serious vulnerabilities in its products.

Internet

Internet Internet Software Education

Ukraine Nabs Suspect in 773M Password ?Megabreach?

Krebs on Security

MAY 19, 2020

“In fact, large aggregations of stolen credentials have been around since 2013-2014. Finally, if you haven’t done so lately, mosey on over to twofactorauth.org and see if you are taking full advantage of the strongest available multi-factor authentication option at sites you trust with your data.

Passwords

Passwords Accountability Hacking Password Management

Microsoft Patch Tuesday, April 2021 Edition

Krebs on Security

APRIL 13, 2021

Microsoft released updates to fix four more flaws in Exchange Server versions 2013-2019 ( CVE-2021-28480 , CVE-2021-28481 , CVE-2021-28482 , CVE-2021-28483 ). Interestingly, all four were reported by the U.S. National Security Agency , although Microsoft says it also found two of the bugs internally.

Authentication

Authentication Backups Malware Engineering

Careto is back: what’s new after 10 years of silence?

SecureList

DECEMBER 12, 2024

Authentication panel of the WorldClient component Implanting the MDaemon server The persistence method used by the threat actor was based on WorldClient allowing loading of extensions that handle custom HTTP requests from clients to the email server. tmp ~dfae01202c5f0dba42.cmd cmd c_27803.nls nls c_12058.nls

Malware

Malware Media Encryption Engineering

FBI Arrests Alleged Owner of Deer.io, a Top Broker of Stolen Accounts

Krebs on Security

MARCH 10, 2020

was responsible for $17 million worth of stolen credential sales since its inception in 2013. Firsov is slated to be arraigned later this week, when he will face two felony counts, specifically aiding and abetting the unauthorized solicitation of access devices, and aiding and abetting trafficking in “false authentication features.”

Accountability

Accountability Advertising Hacking Cybercrime

Microsoft Patch Tuesday, March 2023 Edition

Krebs on Security

MARCH 15, 2023

The Outlook vulnerability ( CVE-2023-23397 ) affects all versions of Microsoft Outlook from 2013 to the newest. ” “The vulnerability effectively lets the attacker authenticate as a trusted individual without having to know the person’s password,” Breen said.

Passwords

Passwords Cyber threats Authentication Internet

Experian, You Have Some Explaining to Do

Krebs on Security

JULY 10, 2022

“I was able to answer the credit report questions successfully, which authenticated me to their system,” Turner said. That’s because Experian does not offer any type of multi-factor authentication options on consumer accounts. But now he’s wondering what else he could do to prevent another account compromise.

Accountability

Accountability Passwords Authentication Password Management

Experian API Exposed Credit Scores of Most Americans

Krebs on Security

APRIL 28, 2021

” Demirkapi found the Experian API could be accessed directly without any sort of authentication, and that entering all zeros in the “date of birth” field let him then pull a person’s credit score. ” Demirkapi’s Experian credit score lookup tool.

Insurance

Insurance Identity Theft Accountability Technology

Local Networks Go Global When Domain Names Collide

Krebs on Security

AUGUST 23, 2024

The proliferation of new top-level domains (TLDs) has exacerbated a well-known security weakness: Many organizations set up their internal Microsoft authentication systems years ago using domain names in TLDs that didn’t exist at the time. ” Caturegli said setting up an email server record for memrtcc.ad

DNS

DNS Internet Internet Authentication

Microsoft Patch Tuesday, November 2021 Edition

Krebs on Security

NOVEMBER 9, 2021

Unlike the four zero-days involved in the mass compromise of Exchange Server systems earlier this year, CVE-2021-42321 requires the attacker to be already authenticated to the target’s system. As Exchange zero-days go, CVE-2021-42321 appears somewhat mild by comparison.

Backups

Backups Authentication Passwords Internet

Microsoft recommends Exchange admins to disable the SMBv1 protocol

Security Affairs

FEBRUARY 13, 2020

. “To make sure that your Exchange organization is better protected against the latest threats (for example Emotet, TrickBot or WannaCry to name a few) we recommend disabling SMBv1 if it’s enabled on your Exchange (2013/2016/2019) server.” It also provides an authenticated inter-process communication mechanism.

Authentication

Authentication Malware Advertising Hacking

Microsoft: Two New 0-Day Flaws in Exchange Server

Krebs on Security

OCTOBER 1, 2022

In customer guidance released Thursday, Microsoft said it is investigating two reported zero-day flaws affecting Microsoft Exchange Server 2013, 2016, and 2019.

Hacking

Hacking Passwords Internet Internet

NEW TECH: Semperis introduces tools to improve security resiliency of Windows Active Directory

The Last Watchdog

APRIL 16, 2020

organizations between January 2013 and July 2019. economy Manipulating identities Threat actors seek out AD for the same reason corporations rely on it: AD is the hub of authentication, supplying Single Sign-On (SSO) access across the entire company network. Ransomware continues to endure as a highly lucrative criminal enterprise.

Ransomware

Ransomware Hacking Authentication Manufacturing

Most organizations have yet to fix CVE-2020-0688 Microsoft Exchange flaw

Security Affairs

MARCH 16, 2020

Knowledge of a the validation key allows an authenticated user with a mailbox to pass arbitrary objects to be deserialized by the web application, which runs as SYSTEM.” A remote, authenticated attacker could exploit the CVE-2020-0688 vulnerability to execute arbitrary code with SYSTEM privileges on a server and take full control.

Advertising

Advertising Authentication Internet Internet

Authentication Bypass in Deepin D-Bus Proxy Service (CVE-2025-23222): A Critical Design Flaw Exposed

Penetration Testing

JANUARY 28, 2025

A significant security vulnerability has been identified in the Deepin desktop environment’s dde-api-proxy service, earning the designation CVE-2025-23222 The post Authentication Bypass in Deepin D-Bus Proxy Service (CVE-2025-23222): A Critical Design Flaw Exposed appeared first on Cybersecurity News.

Authentication

Authentication Cybersecurity Accountability

Data belonging 44 Million Pakistani mobile users leaked online

Security Affairs

MAY 6, 2020

It seems that the huge trove of data was the result of a data breach that took place in 2017, the oldest entries are dated back as 2013. The dump was discovered by a Dubai-based cybersecurity firm Rewterz ( @rewterz ) that confirmed its authenticity and the Pakistan Telecommunication Authority (PTA) is investigating the matter.

Mobile

Mobile Telecommunications Data breaches Advertising

Top 10 Data Breaches of All Time

SecureWorld News

MARCH 24, 2022

Yahoo data breach (2013). Summary: Yahoo believes that "state-sponsored actors" compromised all of their users accounts between 2013 and 2014. Summary: This data breach was unique in the sense that there was not a breach in the company's servers, but an authentication error, meaning no authentication was required to view documents.

Data breaches

Data breaches Passwords Accountability Government

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

Krebs on Security

JANUARY 8, 2024

From January 2005 to April 2013, there were two primary administrators of the cybercrime forum Spamdot (a.k.a In December 2023, KrebsOnSecurity published new details about the identity of “Rescator,” a Russian cybercriminal who is thought to be closely connected to the 2013 data breach at Target.

Cybercrime

Cybercrime Banking Computers and Electronics DDOS

Auth0’s Matias Woloski on prioritizing the developer experience

CSO Magazine

JUNE 21, 2022

Auth0 is a cloud identity platform that helps developers deal with authentication and authorization. It was founded in 2013 by Woloski (CTO) and Eugenio Pace (CEO) via remote partnership while Woloski lived in Argentina and Pace in the US. He currently acts as its CTO, a role to which brings a forward-looking dynamism.

Authentication

Over 61% of Exchange servers vulnerable to CVE-2020-0688 attacks

Security Affairs

SEPTEMBER 30, 2020

Knowledge of a the validation key allows an authenticated user with a mailbox to pass arbitrary objects to be deserialized by the web application, which runs as SYSTEM.” A remote, authenticated attacker could exploit the CVE-2020-0688 vulnerability to execute arbitrary code with SYSTEM privileges on a server and take full control.

Advertising

Advertising Authentication Hacking Accountability

HHS Office for Civil Rights Proposes Measures to Strengthen Cybersecurity in Health Care Under HIPAA

Thales Cloud Protection & Licensing

JANUARY 22, 2025

In response to ongoing security threats and privacy violations, the Department of Health and Human Services (HHS) has published significant updates to the HIPAA Security Rulethe first substantial revision since 2013. Implement Multi-Factor Authentication (MFA) : Use MFA to secure access to sensitive systems.

Healthcare

Healthcare Cybersecurity Data breaches Encryption

LastPass: ‘Horse Gone Barn Bolted’ is Strong Password

Krebs on Security

SEPTEMBER 22, 2023

By 2013, new LastPass customers were given 5,000 iterations by default. To automatically populate the appropriate credentials at any website going forward, you simply authenticate to LastPass using your master password. The more iterations, the longer it takes an offline attacker to crack your master password.

Passwords

Passwords Encryption Password Management Cryptocurrency

‘Snatch’ Ransom Group Exposes Visitor IP Addresses

Krebs on Security

SEPTEMBER 27, 2023

DomainTools says there are more than 1,300 current and former domain names registered to Mihail Kolesnikov between 2013 and July 2023. Either way, it’s clearly a pseudonym, but there are some other commonalities among these domains that may provide insight into how Snatch and other ransomware groups are sourcing their victims.

Ransomware

Ransomware Internet Internet Phishing

Microsoft says to ditch passwords all together on World Password Day

CyberSecurity Insiders

MAY 6, 2022

World Password Day is celebrated in May every year and is being done since 2013 as a group of Cybersecurity Professionals declared the first Thursday of May every year as the day to celebrate as the security day of our online lives. But Microsoft Authenticator app doesn’t offer such troubles. percent of accounts from being compromised.

Passwords

Passwords Authentication Accountability Password Management

CISA urges to fix actively exploited Firefox zero-days by March 21

Security Affairs

MARCH 8, 2022

CVE ID Vulnerability Name Due Date CVE-2022-26486 Mozilla Firefox Use-After-Free Vulnerability 03/21/22 CVE-2022-26485 Mozilla Firefox Use-After-Free Vulnerability 03/21/22 CVE-2021-21973 VMware vCenter Server, Cloud Foundation Server Side Request Forgery (SSRF) 03/21/22 CVE-2020-8218 Pulse Connect Secure Code Injection Vulnerability 09/07/22 CVE-2019-11581 (..)

Authentication

Authentication Hacking Cybersecurity Risk

GUEST ESSAY: ‘World password day’ reminds us to embrace password security best practices

The Last Watchdog

MAY 26, 2021

Did you know that this unconventional celebration got its start in 2013, and that it’s now an official holiday on the annual calendar? Use multi-factor authentication. Multi-factor authentication (MFA) is the process of protecting your digital password with a physical form of identification.

Passwords

Passwords Password Management Accountability Authentication

New FIDO2 Devices offer a single token for combined PKI – FIDO use cases, without the need to rip and replace existing infrastructure

Thales Cloud Protection & Licensing

FEBRUARY 25, 2020

The Verizon 2019 Data Breach Investigations Report advises organizations to deploy multifactor authentication throughout all systems and discourage password reuse. The combination of prominent media-reported mega breaches and less famous identity thefts have promoted the industry to adopt passwordless authentication methods.

Digital transformation

Digital transformation Authentication Identity Theft Passwords

US ballistic missile defense systems (BMDS) open to cyber attacks

Security Affairs

DECEMBER 16, 2018

” The report states the BMDS did not implement security controls such as multifactor authentication, vulnerability assessment and mitigation, server rack security, protection of classified data stored on removable media, encrypting transmitted technical information, physical facility security such as cameras and sensors. .

Cyber Attacks

Cyber Attacks Media Encryption Authentication

Microsoft Exchange ProxyNotShell vulnerability explained and how to mitigate it

CSO Magazine

DECEMBER 15, 2022

Nearly a year later, Exchange Server admins are met with another threat: ProxyNotShell, which in fact is a vulnerability chain comprising two actively exploited flaws: CVE-2022-41040 is a server-side request forgery (SSRF) vulnerability that an authenticated attacker can exploit for privilege escalation.

InfoSec

InfoSec Authentication Internet Internet

MY TAKE: Why DDoS weapons will proliferate with the expansion of IoT and the coming of 5G

The Last Watchdog

MARCH 28, 2019

In March 2013, several impossibly massive waves of nuisance requests – peaking as high as 300 gigabytes per second— swamped Spamhaus , knocking the anti-spam organization off line for extended periods. As it now stands, CoAP does not require authentication to reply with a large response to a small request, Shin told me.

DDOS

DDOS IoT DNS Internet

Microsoft Exchange zero-day and exploit could allow anyone to be an admin

Security Affairs

JANUARY 25, 2019

“Recently I came across a blog from the ZDI, in which they detail a way to let Exchange authenticate to attackers using NTLM over HTTP. Mollema demonstrated that it’s possible to transfer automatic Windows authentication by connecting a machine on the network to a machine under the control of the attacker.

Authentication

Authentication Advertising Passwords Hacking

PoC exploit code for ProxyNotShell Microsoft Exchange bugs released online

Security Affairs

NOVEMBER 20, 2022

they impact Exchange Server 2013, 2016, and 2019, an authenticated attacker can trigger them to elevate privileges to run PowerShell in the context of the system and gain arbitrary or remote code execution on vulnerable servers. It's perhaps just Exchange 2013 that requires a tweak. Can confirm.

Authentication

Authentication Hacking Cybersecurity Information Security

New Russia Malware targets firewall appliances

CyberSecurity Insiders

FEBRUARY 23, 2022

Keeping devices updated with the latest software, using multi-factor authentication, segregating management interfaces of network devices from the internet and changing passwords once or twice in a month is being advised by NCSC to safeguard their IT assets from being attacked by Cyclops Blink malware. Now some statistic facts about malware.

Firewall

Firewall Malware IoT Software

Microsoft confirms Exchange zero-day flaws actively exploited in the wild

Security Affairs

OCTOBER 1, 2022

The IT giant has promptly started the investigation into the two zero-day vulnerabilities that impacts Microsoft Exchange Server 2013, 2016, and 2019. Successful exploitation of the CVE-2022-41040 can allow an authenticated attacker to remotely trigger CVE-2022-41082. . ” reads the advisory published by Microsoft.

Authentication

Authentication Hacking Cybersecurity Risk

How to Lose a Fortune with Just One Bad Click

OpenSSH bugs allows Man-in-the-Middle and DoS Attacks

Trending Sources

The ticking time bomb of Microsoft Exchange Server 2013

CISA Urges Exchange Online Authentication Update

SHARED INTEL: Coming very soon — ‘passwordless authentication’ as a de facto security practice

XE Group shifts from credit card skimming to exploiting zero-days

On world password day, Microsoft says fewer passwords, more passkeys

Hacked Data Broker Accounts Fueled Phony COVID Loans, Unemployment Claims

It’s Still Easy for Anyone to Become You at Experian

Microsoft Patch Tuesday, February 2022 Edition

Microsoft: Chinese Cyberspies Used 4 Exchange Server Flaws to Plunder Emails

Ukraine Nabs Suspect in 773M Password ?Megabreach?

Microsoft Patch Tuesday, April 2021 Edition

Careto is back: what’s new after 10 years of silence?

FBI Arrests Alleged Owner of Deer.io, a Top Broker of Stolen Accounts

Microsoft Patch Tuesday, March 2023 Edition

Experian, You Have Some Explaining to Do

Experian API Exposed Credit Scores of Most Americans

Local Networks Go Global When Domain Names Collide

Microsoft Patch Tuesday, November 2021 Edition

Microsoft recommends Exchange admins to disable the SMBv1 protocol

Microsoft: Two New 0-Day Flaws in Exchange Server

NEW TECH: Semperis introduces tools to improve security resiliency of Windows Active Directory

Most organizations have yet to fix CVE-2020-0688 Microsoft Exchange flaw

Authentication Bypass in Deepin D-Bus Proxy Service (CVE-2025-23222): A Critical Design Flaw Exposed

Data belonging 44 Million Pakistani mobile users leaked online

Top 10 Data Breaches of All Time

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

Auth0’s Matias Woloski on prioritizing the developer experience

Over 61% of Exchange servers vulnerable to CVE-2020-0688 attacks

HHS Office for Civil Rights Proposes Measures to Strengthen Cybersecurity in Health Care Under HIPAA

LastPass: ‘Horse Gone Barn Bolted’ is Strong Password

‘Snatch’ Ransom Group Exposes Visitor IP Addresses

Microsoft says to ditch passwords all together on World Password Day

CISA urges to fix actively exploited Firefox zero-days by March 21

GUEST ESSAY: ‘World password day’ reminds us to embrace password security best practices

New FIDO2 Devices offer a single token for combined PKI – FIDO use cases, without the need to rip and replace existing infrastructure

US ballistic missile defense systems (BMDS) open to cyber attacks

Microsoft Exchange ProxyNotShell vulnerability explained and how to mitigate it

MY TAKE: Why DDoS weapons will proliferate with the expansion of IoT and the coming of 5G

Microsoft Exchange zero-day and exploit could allow anyone to be an admin

PoC exploit code for ProxyNotShell Microsoft Exchange bugs released online

New Russia Malware targets firewall appliances

Microsoft confirms Exchange zero-day flaws actively exploited in the wild

Stay Connected