2015 and Authentication - Cyber Security Informer

Kaseya Left Customer Portal Vulnerable to 2015 Flaw in its Own Software

Krebs on Security

JULY 8, 2021

Also on July 3, security incident response firm Mandiant notified Kaseya that their billing and customer support site — portal.kaseya.net — was vulnerable to CVE-2015-2862 , a “directory traversal” vulnerability in Kaseya VSA that allows remote users to read any files on the server using nothing more than a Web browser.

Software

Software Ransomware System Administration Authentication

DOGE as a National Cyberattack

Schneier on Security

FEBRUARY 13, 2025

The Chinese government’s 2015 breach of OPM was a significant US security failure, and it illustrated how personnel data could be used to identify intelligence officers and compromise national security. First, unauthorized access must be revoked and proper authentication protocols restored.

Government

Government Artificial Intelligence Banking Software

FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang

Krebs on Security

JANUARY 31, 2025

The proprietors of the service, who use the collective nickname “ The Manipulaters ,” have been the subject of three stories published here since 2015. The FBI and authorities in The Netherlands this week seized dozens of servers and domains for a hugely popular spam and malware dissemination service operating out of Pakistan.

Phishing

Phishing Cybercrime Advertising Malware

Change Healthcare Breach Hits 100M Americans

Krebs on Security

OCTOBER 30, 2024

.” But in June 2024 testimony to the Senate Finance Committee, it emerged that the intruders had stolen or purchased credentials for a Citrix portal used for remote access, and that no multi-factor authentication was required for that account. which suffered a data breach in 2015 affecting 78.8 Last month, Sens.

Healthcare

Healthcare Insurance Computers and Electronics Data breaches

New Charges Derail COVID Release for Hacker Who Aided ISIS

Krebs on Security

JANUARY 19, 2021

military and government employees and giving it to an Islamic State hacker group in 2015 has been charged once again with fraud and identity theft. In December 2015, Ferizi was apprehended in Malaysia and extradited to the United States. A hacker serving a 20-year sentence for stealing personal data on 1,300 U.S.

Identity Theft

Identity Theft Government Accountability Social Engineering

It’s Still Easy for Anyone to Become You at Experian

Krebs on Security

NOVEMBER 11, 2023

I immediately suspected that Experian was still allowing anyone to recreate their credit file account using the same personal information but a different email address, a major authentication failure that was explored in last year’s story, Experian, You Have Some Explaining to Do. 9, 2022 and Dec.

Accountability

Accountability Authentication Passwords Identity Theft

GUEST ESSAY: Why CISOs absolutely must take authentication secrets much more seriously

The Last Watchdog

MARCH 1, 2023

The IT world relies on digital authentication credentials, such as API keys, certificates, and tokens, to securely connect applications, services, and infrastructures. According to BetterCloud, the average number of software as a service (SaaS) applications used by organizations worldwide has increased 14x between 2015 and 2021.

Authentication

Authentication CISO Software Passwords

New strain of Cerberus Android banking trojan can steal Google Authenticator codes

Security Affairs

FEBRUARY 27, 2020

Experts found a new version of the Cerberus Android banking trojan that can steal one-time codes generated by the Google Authenticator app and bypass 2FA. Now the authors implemented the ability to steal 2FA code from the Google Authenticator app abusing the Accessibility Privileges. Pierluigi Paganini.

Banking

Banking Authentication Advertising Malware

Experian, You Have Some Explaining to Do

Krebs on Security

JULY 10, 2022

“I was able to answer the credit report questions successfully, which authenticated me to their system,” Turner said. That’s because Experian does not offer any type of multi-factor authentication options on consumer accounts. But now he’s wondering what else he could do to prevent another account compromise.

Accountability

Accountability Passwords Authentication Password Management

A flaw in India Digilocker could?ve been exploited to bypass authentication

Security Affairs

JUNE 8, 2020

DigiLocker provides an account in cloud to every Aadhaar holder to access authentic documents/certificates such as driving license, vehicle registration, academic mark sheet in digital format from the original issuers of these certificates. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Authentication

Authentication Mobile Accountability Passwords

Sendgrid Under Siege from Hacked Accounts

Krebs on Security

AUGUST 28, 2020

Sendgrid’s parent company Twilio says it is working on a plan to require multi-factor authentication for all of its customers, but that solution may not come fast enough for organizations having trouble dealing with the fallout in the meantime. Image: Wikipedia. ”

Accountability

Accountability Hacking Authentication Marketing

State Department’s Email Server Breached

Adam Levin

SEPTEMBER 20, 2018

A study released by the Government Accountability Office earlier this year showed that the State Department has deployed two-factor authentication to only 11% of the devices used by staff. Two-factor authentication is a legal requirement and also considered a bare minimum protocol for cybersecurity protection.

Authentication

Authentication Government Cyber Attacks Hacking

GUEST ESSAY: Ponemon study warns: AI-enhanced deepfake attacks taking aim at senior execs

The Last Watchdog

APRIL 22, 2025

Typically, the attacker collects authentic media samples of their target, including still images, videos, and audio clips, to train the deep learning model. The more training data used, the more authentic the deepfake appears.

Authentication

Authentication Social Engineering Technology Media

E-Verify’s “SSN Lock” is Nothing of the Sort

Krebs on Security

JULY 4, 2020

After verifying my email address, I was asked to pick a strong password and select a form of multi-factor authentication (MFA). The most secure MFA option offered (a one-time code generated by an app like Google Authenticator or Authy) was already pre-selected, so I chose that.

Accountability

Accountability Passwords Authentication Insurance

News Alert: W3C advances technology to streamline payment authentication

The Last Watchdog

JUNE 15, 2023

The World Wide Web Consortium today announced a standardization milestone for a new browser capability that helps to streamline user authentication and enhance payment security during Web checkout. Customer authentication For the past 15 years, e-commerce has increased as a percentage of all retail sales.

Authentication

Authentication Technology Banking Media

For 2nd Time in 3 Years, Mobile Spyware Maker mSpy Leaks Millions of Sensitive Records

Krebs on Security

SEPTEMBER 4, 2018

The database required no authentication. In addition, the database included the Apple iCloud username and authentication token of mobile devices running mSpy, and what appear to be references to iCloud backup files. In May 2015, KrebsOnSecurity broke the news that mSpy had been hacked and its customer data posted to the Dark Web.

Spyware

Spyware Mobile Advertising Software

Twitter allows users to use 2FA without a phone number

Security Affairs

NOVEMBER 24, 2019

Twitter announced that its users can protect their accounts with 2-Factor Authentication (2FA) even if they don’t have a phone number. Twitter is going to allow its users to protect their accounts with 2-Factor Authentication (2FA) even if they don’t have a phone number. Pierluigi Paganini.

Authentication

Authentication Mobile Advertising Accountability

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Krebs on Security

JUNE 1, 2023

Code-signing certificates are supposed to help authenticate the identity of software publishers, and provide cryptographic assurance that a signed piece of software has not been altered or tampered with. One of Megatraffer’s ads on an English-language cybercrime forum. Fitis’s Himba affiliate program, circa February 2014.

Malware

Malware Cybercrime Software Antivirus

Microsoft Patch Tuesday, March 2022 Edition

Krebs on Security

MARCH 9, 2022

“Thankfully, this is a post-authentication vulnerability, meaning attackers need credentials to exploit it,” Wiseman said. “Luckily, like this month’s Exchange vulnerabilities, this, too, requires authentication.”

Authentication

Authentication Cyber threats Ransomware Software

Email Provider VFEmail Suffers ‘Catastrophic’ Hack

Krebs on Security

FEBRUARY 12, 2019

VFEmail’s Twitter account responded that “external facing systems, of differing OS’s and remote authentication, in multiple data centers are down.” Strangely, not all VMs shared the same authentication, but all were destroyed. The first signs of the attack came on the morning of Feb. Just attack and destroy.”

Hacking

Hacking DDOS Backups Accountability

Both Mirai and Hoaxcalls IoT botnets target Symantec Web Gateways

Security Affairs

MAY 19, 2020

Palo Alto Networks Unit 42 researchers observed both the Mirai and Hoaxcalls botnets using an exploit for a post-authentication Remote Code Execution vulnerability in legacy Symantec Web Gateways 5.0.2.8. which is a product that became end-of-life (EOL) in 2015 and end-of-support-life (EOSL) in 2019.” Pierluigi Paganini.

IoT

IoT DDOS Authentication Firmware

IRS To Ditch Biometric Requirement for Online Access

Krebs on Security

FEBRUARY 7, 2022

In a statement published today, the IRS said it was transitioning away from using a third-party service for facial recognition to help authenticate people creating new online accounts. “During the transition, the IRS will quickly develop and bring online an additional authentication process that does not involve facial recognition. .

Insurance

Insurance Government Authentication Accountability

HPE addresses critical auth bypass issue in SSMC console

Security Affairs

OCTOBER 25, 2020

HPE fixed a remote authentication bypass vulnerability in HPE StoreServ Management Console (SSMC) data center storage management solution. The CVE-2020-7197 flaw is a remote authentication bypass vulnerability that affects HPE 3PAR StoreServ Management and Core Software Media prior to 3.7.0.0. ” reads the advisory. .

Authentication

Authentication Advertising Media Hacking

Trend Micro addresses two issues exploited by hackers in the wild

Security Affairs

MARCH 18, 2020

It could be exploited by a remote, authenticated attacker to execute arbitrary code on vulnerable installs. An attempted attack requires user authentication.” The vulnerability could be exploited by an authenticated attacker to “manipulate certain agent client components.”. An attempted attack requires user authentication.”

Authentication

Authentication Antivirus Advertising Cybercrime

VMware addresses serious flaws in vRealize Operations for Horizon Adapter

Security Affairs

FEBRUARY 21, 2020

VMware has addressed serious vulnerabilities in vRealize Operations for Horizon Adapter, including remote code execution and authentication bypass flaws. “vRealize Operations for Horizon Adapter has an improper trust store configuration leading to authentication bypass. ” continues the advisory. x on Windows.

Authentication

Authentication Telecommunications Advertising Hacking

Microsoft Patch Tuesday security updates for September 2024 addressed four actively exploited zero-days

Security Affairs

SEPTEMBER 11, 2024

An attacker could bypass Office macro policies by tricking an authenticated user into downloading and opening a specially crafted file from a website. This file could bypass Mark of the Web (MOTW) defenses, potentially compromising security features like SmartScreen Application Reputation and Windows Attachment Services security prompts.

Social Engineering

Social Engineering IoT Authentication Engineering

Cisco fixes 5 critical flaws that could allow router firewall takeover

Security Affairs

JULY 16, 2020

Cisco addresses a critical remote code execution (RCE), authentication bypass, and static default credential flaws that could lead to full router takeover. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Firewall

Firewall Small Business Wireless Authentication

Palo Alto Networks addresses tens of serious issues in PAN-OS

Security Affairs

MAY 15, 2020

One of the most severe vulnerabilities, tracked as CVE-2020-2018 , is an authentication bypass vulnerability in the Panorama context switching feature. This vulnerability does not impact Panorama configured with custom certificates authentication for communication between Panorama and managed devices. The issue received a CVSSv3.1

Firewall

Firewall Authentication Advertising VPN

Netgear fixes a critical RCE that could allow to takeover Flagship Nighthawk routers

Security Affairs

MARCH 8, 2020

The vulnerability is a post-authentication command injection issue and impacts Nighthawk (R7800) routers running firmware prior to version 1.0.2.60. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Firmware

Firmware Wireless Advertising Authentication

Microsoft failed to fix LSASS elevation of privilege flaw

Security Affairs

AUGUST 13, 2020

“An elevation of privilege vulnerability exists in the Local Security Authority Subsystem Service (LSASS) when an authenticated attacker sends a specially crafted authentication request. “The security update addresses the vulnerability by changing the way that LSASS handles specially crafted authentication requests.”

Authentication

Authentication Advertising Hacking Information Security

230k+ Indonesian COVID-19 patients’ records for sale in the Darkweb

Security Affairs

JUNE 21, 2020

Cyble has analyzed the data and confirmed its authenticity, it also indexed the record in its data breach monitoring and notification service AmiBreached.com. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Data breaches

Data breaches Advertising Mobile Authentication

LastPass: Password Manager Review for 2021

eSecurity Planet

JULY 23, 2021

in 2015, it became part of a suite of cloud-based collaboration tools. Two unique features that LastPass offers are support for multi-factor authentication (MFA) and single sign-on (SSO). With MFA, your IT administrators can configure an extra layer of authentication that combines biometric technology with contextual intelligence.

Password Management

Password Management Passwords Authentication Architecture

Expert found a hardcoded SSH Key in Fortinet SIEM appliances

Security Affairs

JANUARY 20, 2020

An attacker with this key can successfully authenticate as this user to the FortiSIEM Supervisor.” While the user’s shell is limited to running the /opt/phoenix/ phscripts /bin/ tunnelshell script, SSH authentication still succeeds.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Authentication

Authentication Firmware Advertising Firewall

CISA adds 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog

Security Affairs

FEBRUARY 11, 2022

” The US agency also added the CVE-2015-2051 remote code execution flaw impacting D-Link DIR-645 routers. “An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.An attacker must have the ability to execute code on a victim system to exploit this vulnerability.”

IoT

IoT Accountability Authentication Hacking

Hackers are using Zerologon exploits in attacks in the wild

Security Affairs

SEPTEMBER 24, 2020

The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon requests, and it registers, authenticates, and locates Domain Controllers. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Security Intelligence

Security Intelligence Authentication Advertising Architecture

New Cisco Webex Meetings flaw allows attackers to impersonate users

Security Affairs

JUNE 19, 2020

A flaw in Cisco Webex Meetings client for Windows could allow local authenticated attackers to gain access to sensitive information. A vulnerability in Cisco Webex Meetings client for Windows, tracked as CVE-2020-3347 , could be exploited by local authenticated attackers to gain access to sensitive information. Pierluigi Paganini.

Authentication

Authentication Advertising Accountability Hacking

TeamViewer flaw can allow hackers to steal System password

Security Affairs

AUGUST 11, 2020

The expert discovered that the issue could allow an attacker to force the software to relay an NTLM authentication request to the attacker’s system. This means that the SMB authentication process will leak the system’s username, and NTLMv2 hashed version of the password to the attackers. “An Pierluigi Paganini.

Passwords

Passwords Authentication Advertising Software

Hackers are targeting recently patched WebLogic security vulnerability

Security Affairs

MAY 1, 2020

2 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without requiring user credentials. Authentication is not required to exploit this vulnerability.” A remote attacker could exploit the CVE-2019-2729 flaw without authentication. .

Authentication

Authentication Advertising Hacking Cybersecurity

Samba addresses the CVE-2020-1472 Zerologon Vulnerability

Security Affairs

SEPTEMBER 23, 2020

The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon requests, and it registers, authenticates, and locates Domain Controllers. “An Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Vendors supporting Samba 4.7

Authentication

Authentication Advertising Architecture Hacking

Threat actors are actively exploiting Zerologon flaw, Microsoft warns

Security Affairs

OCTOBER 30, 2020

The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon requests, and it registers, authenticates, and locates Domain Controllers. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Authentication

Authentication Advertising Architecture Cybercrime

Cisco addresses 17 high-severity flaws in security appliances

Security Affairs

OCTOBER 22, 2020

The list of addressed vulnerabilities includes denial-of-service (DoS), CSRF, FMC authentication bypass, and MitM issues. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. .” Most of the vulnerability addressed by the IT giant can be exploited by remote, unauthenticated attackers. Pierluigi Paganini.

Advertising

Advertising Authentication Software Hacking

Zero-day in Cisco AnyConnect Secure Mobility Client yet to be fixed

Security Affairs

NOVEMBER 4, 2020

The CVE-2020-3556 flaw resided in the interprocess communication (IPC) channel of Cisco AnyConnect Client, it can be exploited by authenticated and local attackers to execute malicious scripts via a targeted user. “The vulnerability is due to a lack of authentication to the IPC listener. . Pierluigi Paganini.

Mobile

Mobile Authentication Advertising Software

Zerologon attack lets hackers to completely compromise a Windows domain

Security Affairs

SEPTEMBER 14, 2020

The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon requests, and it registers, authenticates, and locates Domain Controllers. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. published a detailed analysis of the flaw.

Authentication

Authentication Passwords Advertising Architecture

RDP brute-force attacks rocketed since beginning of COVID-19

Security Affairs

APRIL 30, 2020

Use Network Level Authentication (NLA). If possible, enable two-factor authentication. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Kaspersky recommends organizations to adopt the following security measures: At the very least, use strong passwords. Use a reliable security solution.

Passwords

Passwords Advertising Authentication VPN

Kaseya Left Customer Portal Vulnerable to 2015 Flaw in its Own Software

DOGE as a National Cyberattack

Trending Sources

FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang

Change Healthcare Breach Hits 100M Americans

New Charges Derail COVID Release for Hacker Who Aided ISIS

It’s Still Easy for Anyone to Become You at Experian

GUEST ESSAY: Why CISOs absolutely must take authentication secrets much more seriously

New strain of Cerberus Android banking trojan can steal Google Authenticator codes

Experian, You Have Some Explaining to Do

A flaw in India Digilocker could?ve been exploited to bypass authentication

Sendgrid Under Siege from Hacked Accounts

State Department’s Email Server Breached

GUEST ESSAY: Ponemon study warns: AI-enhanced deepfake attacks taking aim at senior execs

E-Verify’s “SSN Lock” is Nothing of the Sort

News Alert: W3C advances technology to streamline payment authentication

For 2nd Time in 3 Years, Mobile Spyware Maker mSpy Leaks Millions of Sensitive Records

Twitter allows users to use 2FA without a phone number

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Microsoft Patch Tuesday, March 2022 Edition

Email Provider VFEmail Suffers ‘Catastrophic’ Hack

Both Mirai and Hoaxcalls IoT botnets target Symantec Web Gateways

IRS To Ditch Biometric Requirement for Online Access

HPE addresses critical auth bypass issue in SSMC console

Trend Micro addresses two issues exploited by hackers in the wild

VMware addresses serious flaws in vRealize Operations for Horizon Adapter

Microsoft Patch Tuesday security updates for September 2024 addressed four actively exploited zero-days

Cisco fixes 5 critical flaws that could allow router firewall takeover

Palo Alto Networks addresses tens of serious issues in PAN-OS

Netgear fixes a critical RCE that could allow to takeover Flagship Nighthawk routers

Microsoft failed to fix LSASS elevation of privilege flaw

230k+ Indonesian COVID-19 patients’ records for sale in the Darkweb

LastPass: Password Manager Review for 2021

Expert found a hardcoded SSH Key in Fortinet SIEM appliances

CISA adds 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog

Hackers are using Zerologon exploits in attacks in the wild

New Cisco Webex Meetings flaw allows attackers to impersonate users

TeamViewer flaw can allow hackers to steal System password

Hackers are targeting recently patched WebLogic security vulnerability

Samba addresses the CVE-2020-1472 Zerologon Vulnerability

Threat actors are actively exploiting Zerologon flaw, Microsoft warns

Cisco addresses 17 high-severity flaws in security appliances

Zero-day in Cisco AnyConnect Secure Mobility Client yet to be fixed

Zerologon attack lets hackers to completely compromise a Windows domain

RDP brute-force attacks rocketed since beginning of COVID-19

Stay Connected