2014, Authentication and Internet - Cyber Security Informer

SHARED INTEL: Coming very soon — ‘passwordless authentication’ as a de facto security practice

The Last Watchdog

NOVEMBER 11, 2020

As a tradeoff for enjoying our digital lives, we’ve learned to live with password overload and even tolerate two-factor authentication. I had a chance to discuss this seminal transition with George Avetisov, co-founder and chief executive officer of HYPR , a Manhattan-based supplier of advanced authentication technologies.

Authentication

Authentication VPN Passwords Hacking

Threat actors scan Internet for Vulnerable Microsoft Exchange Servers

Security Affairs

FEBRUARY 27, 2020

Experts warn that hackers are actively scanning the Internet for Microsoft Exchange Servers vulnerable in the attempt to exploit the CVE-2020-0688 RCE. Hackers are actively scanning the Internet for Microsoft Exchange Servers affected by the CVE-2020-0688 remote code execution flaw. ” reads the advisory published by Microsoft.

Internet

Internet Internet Authentication Advertising

Hackers are scanning the internet for vulnerable Salt installs, Ghost blogging platform hacked

Security Affairs

MAY 4, 2020

Hackers are conducting a mass-scanning the Internet for vulnerable Salt installs that could allow them to hack the organizations, the last victim is the Ghost blogging platform. The two flaws, tracked as CVE-2020-11651 and CVE-2020-11652, are a directory traversal issue and an authentication bypass vulnerability respectively.

Internet

Internet Internet Hacking Advertising

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

TroyStealer – A new info stealer targeting Portuguese Internet users

Security Affairs

JUNE 13, 2020

There seems to be a new stealer in town called #TroyStealer , targeting Portuguese internet users EXE: [link] Exfil email address: domionhuby@gmail.com Has anyone seen this threat before? /cc Finally, the malware validates there is a valid Internet connection through a speed test website. on Twitter, and targeting Portuguese users.

Internet

Internet Internet Malware Banking

Experts warn of massive internet scans for SAP systems affected by RECON Vulnerability

Security Affairs

JULY 18, 2020

Hackers have been scanning the Internet for SAP systems affected by RECON vulnerability, researchers from Bad Packets warn. Researchers from Bad Packets reported that threat actors have been scanning the Internet for SAP systems affected by RECON vulnerability , , tracked as CVE-2020-6287. Pierluigi Paganini. Pierluigi Paganini.

Internet

Internet Internet Advertising Accountability

Internet scans found nearly one million systems vulnerable to BlueKeep

Security Affairs

MAY 28, 2019

GreyNoise is observing sweeping tests for systems vulnerable to the RDP "BlueKeep" (CVE-2019-0708) vulnerability from several dozen hosts around the Internet. Now the popular expert Robert Graham has scanned the Internet for vulnerable systems. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Internet

Internet Internet Advertising Malware

The Hacker Mind Podcast: Scanning the Internet

ForAllSecure

NOVEMBER 2, 2021

éveillé from ESET joins The Hacker Mind podcast to talk about the challenges of building his own internet scanner to scan for elusive malware. What if you were dialed the entire Internet? But to find that information back in 2014, he had to scan the Internet, the entire internet and that was a very noisy process.

Internet

Internet Internet Malware Authentication

The bleak picture of two-factor authentication adoption in the wild

Elie

DECEMBER 20, 2018

This post looks at two-factor authentication adoption in the wild, highlights the disparity of support between the various categories of websites, and illuminates how fragmented the two factor ecosystem is in terms of standard adoption. How prevalent is 2FA authentication? reuse of passwords found in data breaches and phishing attacks.

Authentication

Authentication Internet Internet Software

UberEats data leaked on the dark web

Security Affairs

AUGUST 4, 2020

UberEats is an American online food ordering and delivery platform launched by Uber in 2014. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Banking

Banking Data breaches Mobile Advertising

TheMoon bot infected 40,000 devices in January and February

Security Affairs

MARCH 26, 2024

The activity of the TheMoon botnet was first spotted in 2014, and since 2017 its operators added to the code of the bot at least 6 IoT device exploits. Once the rules have been created, a thread connects to an NTP server from a roster of authentic NTP servers.

IoT

IoT Cybercrime Internet Internet

230k+ Indonesian COVID-19 patients’ records for sale in the Darkweb

Security Affairs

JUNE 21, 2020

Cyble has analyzed the data and confirmed its authenticity, it also indexed the record in its data breach monitoring and notification service AmiBreached.com. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Data breaches

Data breaches Mobile Advertising Authentication

Ten Years Later, New Clues in the Target Breach

Krebs on Security

DECEMBER 14, 2023

Rescator, advertising a new batch of cards stolen in a 2014 breach at P.F. Investigators would later determine that a variant of the malware used in the Target breach was used in 2014 to steal 56 million payment cards from Home Depot customers. Chang’s. At the time, Ika also was the administrator of Pustota[.]pw

Cybercrime

Cybercrime Accountability Advertising Computers and Electronics

Records of 45 million+ travelers to Thailand and Malaysia surfaced in the darkweb

Security Affairs

JULY 13, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Mobile

Mobile InfoSec Data breaches Advertising

Expert found multiple critical issues in MoFi routers

Security Affairs

SEPTEMBER 8, 2020

“The authentication function contains undocumented code which provides the ability to authenticate as root without having to know the actual root password. An adversary with the private key can remotely authenticate to the management interface as root.” ” reads the advisory published by the expert.

Firmware

Firmware Wireless Authentication Advertising

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Krebs on Security

JUNE 1, 2023

Code-signing certificates are supposed to help authenticate the identity of software publishers, and provide cryptographic assurance that a signed piece of software has not been altered or tampered with. Fitis’s Himba affiliate program, circa February 2014. “Why do I need a certificate? Image: Archive.org.

Malware

Malware Cybercrime Software Antivirus

Experts saw 100k+ daily brute-force attacks on RDP during COVID-19 lockdown

Security Affairs

JUNE 29, 2020

” Unfortunately, most organizations often neglect the protection of RDP accesses and workers use easy-to-guess passwords and with no additional layers of authentication or protection. Below the recommendations provided by ESET on how to configure remote access correctly: Disable internet-facing RDP. Pierluigi Paganini.

Passwords

Passwords Internet Internet Advertising

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

Security Affairs

JULY 3, 2023

Researchers reported that there are 490,000 Fortinet firewalls exposing SSL VPN interfaces on the internet, and roughly 69% of them are still vulnerable to CVE-2023-27997. The researcher describes the issue as a reachable pre-authentication that impacts every SSL VPN appliance. ” states the analysis published by Bishop Fox.

Firewall

Firewall VPN Firmware Internet

Data for 600K customers of U.S. fitness chains Town Sports leaked online

Security Affairs

SEPTEMBER 23, 2020

The database containing personal information of over 600,000 clients of the US fitness chain Town Sports was exposed on the Internet. US fitness chain Town Sports has suffered a data breach, a database belonging to the company containing the personal information of over 600,000 people was exposed on the Internet. Pierluigi Paganini.

Data breaches

Data breaches Phishing Passwords Advertising

A daily average of 80,000 printers exposed online via IPP

Security Affairs

JUNE 23, 2020

The Shadowserver Foundation is a nonprofit security organization working altruistically behind the scenes to make the Internet more secure for everyone. The researchers scanned the Internet for printers that are exposing their Internet Printing Protocol (IPP) port online. and printers (or print servers).

Internet

Internet Internet Firmware Advertising

What Is Sender Policy Framework? SPF Email Explained

eSecurity Planet

MAY 23, 2023

The Sender Policy Framework (SPF) authentication method identifies the authorized mail servers permitted to send email on behalf of a given domain. SPF enables a form of email authentication that defines the domains and internet protocol (IP) addresses authorized by an organization to send emails.

DNS

DNS Phishing Authentication Internet

NY Charges First American Financial for Massive Data Leak

Krebs on Security

JULY 23, 2020

The documents were available without authentication to anyone with a Web browser. According to a filing (PDF) by the New York State Department of Financial Services (DFS), the weakness that exposed the documents was first introduced during an application software update in May 2014 and went undetected for years.

Insurance

Insurance Financial Services Penetration Testing Scams

New Mirai variant includes exploit for a flaw in Comtrend Routers

Security Affairs

JULY 14, 2020

Malware researchers at Trend Micro have discovered a new version of the Mirai Internet of Things (IoT) botnet that includes an exploit for the CVE-2020-10173 vulnerability impacting Comtrend routers. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reads the analysis published by Trend Micro.

IoT

IoT Advertising DDOS Authentication

Experian, You Have Some Explaining to Do

Krebs on Security

JULY 10, 2022

“I was able to answer the credit report questions successfully, which authenticated me to their system,” Turner said. That’s because Experian does not offer any type of multi-factor authentication options on consumer accounts. But now he’s wondering what else he could do to prevent another account compromise.

Accountability

Accountability Passwords Authentication Password Management

FBI IC3 warns of cyber attacks exploiting Remote Desktop Protocol (RDP)

Security Affairs

SEPTEMBER 29, 2018

The FBI Internet Crime Complaint Center (IC3) warns of cyber attacks exploiting Remote Desktop Protocol (RDP) vulnerabilities. The FBI Internet Crime Complaint Center (IC3) and the DHS issued a joint alert to highlight the rise of RDP as an attack vector. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cyber Attacks

Cyber Attacks Advertising Internet Internet

Hundreds of female sports stars and celebrities have their naked photos and videos leaked online

Security Affairs

NOVEMBER 22, 2020

The attack took place in the same hours as hackers hit Manchester United and brings us back to mind the Fappening cases that exposed online cache of nude photos and videos of celebrities back in 2014. ” “It can take years to pursue, just to get it taken down from the internet. ” reported The Times. “We

Authentication

Authentication Passwords Hacking Internet

MY TAKE: What NortonLifeLock’s $8 billion buyout of Avast portends for consumer security

The Last Watchdog

AUGUST 18, 2021

Norton got ‘ demergered ’ from Symantec in 2014 and then acquired LifeLock for $2.3 There are simple steps consumers can take today, for free, to lower their overall risk of a cyber attack, including using multi-factor authentication for their accounts and using strong passwords. A lot of water has flowed under the bridge since then.

Antivirus

Antivirus Marketing Identity Theft Social Engineering

APT groups chain VPN and Windows Zerologon bugs to attack US government networks

Security Affairs

OCTOBER 12, 2020

The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon requests, and it registers, authenticates, and locates Domain Controllers. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reads the report.

VPN

VPN Government Authentication Advertising

New Ransom Payment Schemes Target Executives, Telemedicine

Krebs on Security

DECEMBER 8, 2022

The first centers on targeting healthcare organizations that offer consultations over the Internet and sending them booby-trapped medical records for the “patient.” Using hard-to-crack unique passwords to protect sensitive data and accounts, as well as enabling multi-factor authentication. ”

Healthcare

Healthcare Backups Ransomware Insurance

Personal details and SSNs of 40,000 US citizens available for sale

Security Affairs

JULY 13, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Mobile

Mobile Advertising Data breaches Banking

Most of Linux distros affected by a critical RCE in PPP Daemon flaw

Security Affairs

MARCH 6, 2020

The pppd software is an implementation of Point-to-Point Protocol (PPP) that is used to establish internet links over dial-up modems, DSL connections, and many other types of point-to-point links. This is due to the fact that an authenticated attacker may still be able to send unsolicited EAP packet to trigger the buffer overflow.”

Advertising

Advertising Software Authentication Hacking

Bot list with Telnet credentials for more than 500,000 servers and IoT devices leaked online

Security Affairs

JANUARY 19, 2020

The list appears to be the result of an Internet scan for devices using default credentials or easy-to-guess passwords. ” The lists leaked online are dated October-November 2019, let’s hope that Internet Service Providers will contact ZDNet to receive them and check if the devices belong to their network and secure them. .

IoT

IoT DDOS InfoSec Internet

USBAnywhere BMC flaws expose Supermicro servers to hack

Security Affairs

SEPTEMBER 3, 2019

. “ our research has uncovered new vulnerabilities, which we collectively dubbed USBAnywhere , in the baseboard management controllers (BMCs) of Supermicro servers, which can allow an attacker to easily connect to a server and virtually mount any USB device of their choosing to the server, remotely over any network including the Internet.”

Hacking

Hacking Firmware Media Authentication

Security breach impacted Cisco VIRL-PE infrastructure

Security Affairs

MAY 28, 2020

These issues affect the following Cisco products running a vulnerable software release: Cisco Modeling Labs Corporate Edition (CML) Cisco Virtual Internet Routing Lab Personal Edition (VIRL-PE). The two flaws, tracked as CVE-2020-11651 and CVE-2020-11652, are a directory traversal issue and an authentication bypass vulnerability respectively.

Advertising

Advertising Software Authentication Internet

Almost 800,000 SonicWall VPN appliances online are vulnerable to CVE-2020-5135

Security Affairs

OCTOBER 16, 2020

“This flaw exists pre-authentication and within a component (SSLVPN) which is typically exposed to the public Internet.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. 83n SonicOS 6.5.1.12-1n 2 and onwards.

VPN

VPN Firewall Advertising Internet

Google Tsunami vulnerability scanner is now open-source

Security Affairs

JULY 9, 2020

If these systems are exposed to the internet without authentication, attackers can leverage the functionality of the application to execute malicious commands. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Engineering

Engineering Advertising Authentication Passwords

Hackers exploit SQL injection zero-day issue in Sophos firewall

Security Affairs

APRIL 26, 2020

” “Passwords associated with external authentication systems such as AD or LDAP are unaffected. Sophos pointed out that passwords associated with external authentication systems such as AD or LDAP are unaffected. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Firewall

Firewall Passwords Accountability Advertising

Hackers are scanning the web for vulnerable Citrix systems

Security Affairs

JULY 10, 2020

Threat actors are scanning the Internet for Citrix systems affected by the recently disclosed vulnerabilities. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Advertising

Advertising CISO Technology Authentication

Both Mirai and Hoaxcalls IoT botnets target Symantec Web Gateways

Security Affairs

MAY 19, 2020

Palo Alto Networks Unit 42 researchers observed both the Mirai and Hoaxcalls botnets using an exploit for a post-authentication Remote Code Execution vulnerability in legacy Symantec Web Gateways 5.0.2.8. Experts note that the exploit is only effective for authenticated sessions and the affected devices are End of Life (EOL) from 2012.

IoT

IoT DDOS Authentication Advertising

Researchers warn of QNAP NAS attacks in the wild

Security Affairs

AUGUST 31, 2020

Hackers are scanning the Internet for vulnerable network-attached storage (NAS) devices running multiple QNAP firmware versions vulnerable to a remote code execution (RCE) vulnerability addressed by the vendor 3 years ago. . Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Firmware

Firmware Advertising Malware Internet

FBI warns cyber actors abusing protocols as new DDoS attack vectors

Security Affairs

JULY 27, 2020

In December 2018, security experts from Trend Micro discovered that some machine-to-machine (M2M) protocols can be abused to attack IoT and industrial Internet of Things (IIoT) systems. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

DDOS

DDOS IoT Internet Internet

Flaws in leading industrial remote access systems allow disruption of operations

Security Affairs

OCTOBER 1, 2020

The Agency confirmed that an authenticated attacker with access to the solution via a general license could exploit the flaws to trigger a DoS condition or to achieve arbitrary information disclosure and data manipulation. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Advertising

Advertising Authentication VPN Firewall

Maze ransomware operators claim to have breached LG Electronics

Security Affairs

JUNE 25, 2020

In 2014 its global sales reached $55.91 Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Computers and Electronics

Computers and Electronics Ransomware Mobile Telecommunications

Hacker leaks passwords for 900+ Pulse Secure VPN enterprise servers

Security Affairs

AUGUST 5, 2020

ZDNet has obtained a copy of the list with the help of threat intelligence firm KELA and verified confirmed the authenticity of the data. Likely the threat actors who compiled this list scanned the internet for Pulse Secure VPN servers between June 24 and July 8, 2020, and exploited the CVE-2019-11510 vulnerability to gather server details.

VPN

VPN Passwords Banking Advertising

Stealing videos from VLC

Security Affairs

MARCH 26, 2020

Mitigation from VLC Security team: They implemented a user-friendly authentication mechanism on VLC iOS web server for WiFi Sharing. Passcode authentication is enabled when VLC’s passcode setting is enabled and the user uses the passcode that he set in VLC’s settings to log into Wifi Sharing. Original post at: [link].

Advertising

Advertising Media Authentication Internet

SHARED INTEL: Coming very soon — ‘passwordless authentication’ as a de facto security practice

Threat actors scan Internet for Vulnerable Microsoft Exchange Servers

Webinars

Trending Sources

Hackers are scanning the internet for vulnerable Salt installs, Ghost blogging platform hacked

Webinars

TroyStealer – A new info stealer targeting Portuguese Internet users

Experts warn of massive internet scans for SAP systems affected by RECON Vulnerability

Internet scans found nearly one million systems vulnerable to BlueKeep

The Hacker Mind Podcast: Scanning the Internet

The bleak picture of two-factor authentication adoption in the wild

UberEats data leaked on the dark web

TheMoon bot infected 40,000 devices in January and February

230k+ Indonesian COVID-19 patients’ records for sale in the Darkweb

Ten Years Later, New Clues in the Target Breach

Records of 45 million+ travelers to Thailand and Malaysia surfaced in the darkweb

Expert found multiple critical issues in MoFi routers

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Experts saw 100k+ daily brute-force attacks on RDP during COVID-19 lockdown

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

Data for 600K customers of U.S. fitness chains Town Sports leaked online

A daily average of 80,000 printers exposed online via IPP

What Is Sender Policy Framework? SPF Email Explained

NY Charges First American Financial for Massive Data Leak

New Mirai variant includes exploit for a flaw in Comtrend Routers

Experian, You Have Some Explaining to Do

FBI IC3 warns of cyber attacks exploiting Remote Desktop Protocol (RDP)

Hundreds of female sports stars and celebrities have their naked photos and videos leaked online

MY TAKE: What NortonLifeLock’s $8 billion buyout of Avast portends for consumer security

APT groups chain VPN and Windows Zerologon bugs to attack US government networks

New Ransom Payment Schemes Target Executives, Telemedicine

Personal details and SSNs of 40,000 US citizens available for sale

Most of Linux distros affected by a critical RCE in PPP Daemon flaw

Bot list with Telnet credentials for more than 500,000 servers and IoT devices leaked online

USBAnywhere BMC flaws expose Supermicro servers to hack

Security breach impacted Cisco VIRL-PE infrastructure

Almost 800,000 SonicWall VPN appliances online are vulnerable to CVE-2020-5135

Google Tsunami vulnerability scanner is now open-source

Hackers exploit SQL injection zero-day issue in Sophos firewall

Hackers are scanning the web for vulnerable Citrix systems

Both Mirai and Hoaxcalls IoT botnets target Symantec Web Gateways

Researchers warn of QNAP NAS attacks in the wild

FBI warns cyber actors abusing protocols as new DDoS attack vectors

Flaws in leading industrial remote access systems allow disruption of operations

Maze ransomware operators claim to have breached LG Electronics

Hacker leaks passwords for 900+ Pulse Secure VPN enterprise servers

Stealing videos from VLC

Stay Connected