2015, Authentication and Information Security

Change Healthcare Breach Hits 100M Americans

Krebs on Security

OCTOBER 30, 2024

The chief information security officer for a large academic healthcare system affected by the breach told KrebsOnSecurity they participated in a call with the FBI and were told a third party partner managed to recover at least four terabytes of data that was exfiltrated from Change by the cybercriminal group. .”

Healthcare

Healthcare Insurance Computers and Electronics Data breaches

Microsoft linked attacks on SharePoint flaws to China-nexus actors

Security Affairs

JULY 22, 2025

If successful, the attackers bypassed authentication and used a malicious script (like spinstall0.aspx Violet Typhoon is a China-linked actor that has been active since at least 2015. If AMSI can’t be enabled, disconnect servers from the internet or limit access using VPN/proxy/authentication gateway.

Antivirus

Antivirus Authentication Government Internet

Microsoft fixes two SharePoint zero-days under attack, but one is still unresolved - how to patch

Zero Day

JULY 23, 2025

The group typically relies on exploiting security vulnerabilities to launch its attacks. Together, the two flaws give cybercriminals the ability to install malicious programs that can compromise a SharePoint environment.

Software

Software Artificial Intelligence Digital transformation Antivirus

5 Ways artificial intelligence Is Being Used to Keep Sensitive Information Secure

Security Affairs

FEBRUARY 19, 2020

Meanwhile, any hacker viewing the information will see random bits of text with no apparent meaning. Password Protection & Authentication. Apple’s iPhone X, for instance, uses a feature called Face ID, which scans your facial features with infrared sensors and turns that information into a password. Pierluigi Paganini.

Artificial Intelligence

Artificial Intelligence Information Security Passwords Encryption

Expert earns $100,000 for ‘Sign in with Apple’ authentication bypass bug

Security Affairs

JUNE 1, 2020

The expert Bhavuk Jain received an award of $100,000 for reporting a severe security issue in ‘Sign in with Apple’ authentication bypass bug that could allow the takeover of third-party user accounts. . The accounts are protected with two-factor authentication, and Apple does not track users’ activity in their app or website.

Authentication

Authentication Accountability Advertising Hacking

Twitter allows users to use 2FA without a phone number

Security Affairs

NOVEMBER 24, 2019

Twitter announced that its users can protect their accounts with 2-Factor Authentication (2FA) even if they don’t have a phone number. Twitter is going to allow its users to protect their accounts with 2-Factor Authentication (2FA) even if they don’t have a phone number. Pierluigi Paganini.

Authentication

Authentication Mobile Advertising Accountability

Cisco fixes critical and high-severity flaws in Data Center Network Manager

Security Affairs

JULY 31, 2020

One of the most security issues is a critical authentication bypass vulnerability, tracked as CVE-2020-3382. The vulnerability can allow a remote, unauthenticated attacker to bypass authentication and perform actions with admin privileges on the vulnerable device. ” reads the security advisory.

Authentication

Authentication Advertising Software Encryption

Trend Micro addresses two issues exploited by hackers in the wild

Security Affairs

MARCH 18, 2020

It could be exploited by a remote, authenticated attacker to execute arbitrary code on vulnerable installs. An attempted attack requires user authentication.” The vulnerability could be exploited by an authenticated attacker to “manipulate certain agent client components.”. An attempted attack requires user authentication.”

Authentication

Authentication Antivirus Advertising Cybercrime

Cisco fixes critical issue in Cisco Firepower Management Center

Security Affairs

JANUARY 24, 2020

Cisco addressed a critical issue in the Cisco Firepower Management Center (FMC) that could allow a remote attacker to bypass authentication and execute arbitrary actions. ” reads the security advisory published by Cisco. The External Authentication Object must be enabled for the FMC to be affected.”

Authentication

Authentication Advertising Software Hacking

Cisco fixes 5 critical flaws that could allow router firewall takeover

Security Affairs

JULY 16, 2020

Cisco addresses a critical remote code execution (RCE), authentication bypass, and static default credential flaws that could lead to full router takeover. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Firewall

Firewall Small Business Wireless Authentication

VMware addresses serious flaws in vRealize Operations for Horizon Adapter

Security Affairs

FEBRUARY 21, 2020

VMware has addressed serious vulnerabilities in vRealize Operations for Horizon Adapter, including remote code execution and authentication bypass flaws. “vRealize Operations for Horizon Adapter has an improper trust store configuration leading to authentication bypass. ” continues the advisory. x on Windows.

Authentication

Authentication Telecommunications Advertising Hacking

Microsoft Patch Tuesday security updates for September 2024 addressed four actively exploited zero-days

Security Affairs

SEPTEMBER 11, 2024

This file could bypass Mark of the Web (MOTW) defenses, potentially compromising security features like SmartScreen Application Reputation and Windows Attachment Services security prompts. CVE-2024-38226 – Microsoft Publisher Security Feature Bypass Vulnerability.

Social Engineering

Social Engineering IoT Authentication Engineering

Palo Alto Networks addresses tens of serious issues in PAN-OS

Security Affairs

MAY 15, 2020

One of the most severe vulnerabilities, tracked as CVE-2020-2018 , is an authentication bypass vulnerability in the Panorama context switching feature. This vulnerability does not impact Panorama configured with custom certificates authentication for communication between Panorama and managed devices. The issue received a CVSSv3.1

Firewall

Firewall Authentication Advertising VPN

The German BSI agency recommends replacing Kaspersky antivirus software

Security Affairs

MARCH 15, 2022

German Federal Office for Information Security agency, also known as BSI, recommends consumers not to use Kaspersky anti-virus software. The German Federal Office for Information Security agency, aka BSI, recommends consumers uninstall Kaspersky anti-virus software. ” reads the BSI announcement.

Antivirus

Antivirus Software Manufacturing Information Security

Microsoft failed to fix LSASS elevation of privilege flaw

Security Affairs

AUGUST 13, 2020

Google Project Zero researcher who discovered the elevation of privilege flaw ( CVE-2020-1509 ) in the Windows Local Security Authority Subsystem Service (LSASS) warn that Microsoft did not properly address it. “If the target is a proxy then the authentication process is allowed, even if the Enterprise Auth Cap is not specified.

Authentication

Authentication Advertising Hacking Information Security

230k+ Indonesian COVID-19 patients’ records for sale in the Darkweb

Security Affairs

JUNE 21, 2020

Cyble has analyzed the data and confirmed its authenticity, it also indexed the record in its data breach monitoring and notification service AmiBreached.com. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Data breaches

Data breaches Advertising Mobile Authentication

Netgear fixes a critical RCE that could allow to takeover Flagship Nighthawk routers

Security Affairs

MARCH 8, 2020

The vulnerability is a post-authentication command injection issue and impacts Nighthawk (R7800) routers running firmware prior to version 1.0.2.60. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Firmware

Firmware Wireless Advertising Authentication

Expert discloses 4 zero-days in IBM Data Risk Manager

Security Affairs

APRIL 21, 2020

A security researcher disclosed details of four zero-day flaws impacting an IBM security product after the IT giant refused to address them. The IBM Data Risk Manager manages credentials to access other security tools used in the enterprise and information about security vulnerabilities that affect the organizations.

Risk

Risk Authentication InfoSec Advertising

Hackers are using Zerologon exploits in attacks in the wild

Security Affairs

SEPTEMBER 24, 2020

The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon requests, and it registers, authenticates, and locates Domain Controllers. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Security Intelligence

Security Intelligence Authentication Advertising Architecture

CISA adds 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog

Security Affairs

FEBRUARY 11, 2022

” The US agency also added the CVE-2015-2051 remote code execution flaw impacting D-Link DIR-645 routers. “An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.An attacker must have the ability to execute code on a victim system to exploit this vulnerability.”

IoT

IoT Accountability Authentication Hacking

New Cisco Webex Meetings flaw allows attackers to impersonate users

Security Affairs

JUNE 19, 2020

A flaw in Cisco Webex Meetings client for Windows could allow local authenticated attackers to gain access to sensitive information. A vulnerability in Cisco Webex Meetings client for Windows, tracked as CVE-2020-3347 , could be exploited by local authenticated attackers to gain access to sensitive information.

Authentication

Authentication Advertising Accountability Hacking

Cisco addresses multiple issues in its SD-WAN product

Security Affairs

MARCH 18, 2020

Three high-severity vulnerabilities, tracked as CVE-2020-3265, CVE-2020-3266, CVE-2020-3264, could be exploited by a local, authenticated attacker by sending specially crafted requests or specially crafted input to the targeted system. Both issues could be remotely exploited by an authenticated attacker.

Advertising

Advertising Authentication Software Information Security

TeamViewer flaw can allow hackers to steal System password

Security Affairs

AUGUST 11, 2020

The expert discovered that the issue could allow an attacker to force the software to relay an NTLM authentication request to the attacker’s system. This means that the SMB authentication process will leak the system’s username, and NTLMv2 hashed version of the password to the attackers. “An Pierluigi Paganini.

Passwords

Passwords Authentication Advertising Software

Samba addresses the CVE-2020-1472 Zerologon Vulnerability

Security Affairs

SEPTEMBER 23, 2020

The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon requests, and it registers, authenticates, and locates Domain Controllers. “An Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Vendors supporting Samba 4.7

Authentication

Authentication Advertising Architecture Hacking

Threat actors are actively exploiting Zerologon flaw, Microsoft warns

Security Affairs

OCTOBER 30, 2020

The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon requests, and it registers, authenticates, and locates Domain Controllers. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Authentication

Authentication Advertising Architecture Cybercrime

Hackers are targeting recently patched WebLogic security vulnerability

Security Affairs

MAY 1, 2020

The company is urging its customers to install the latest security updates released on April 14. “This Critical Patch Update contains 9 new security patches for the Oracle Database Server. Authentication is not required to exploit this vulnerability.” ” reads the advisory published by Oracle.

Authentication

Authentication Advertising Hacking Cybersecurity

Cisco addresses 17 high-severity flaws in security appliances

Security Affairs

OCTOBER 22, 2020

The list of addressed vulnerabilities includes denial-of-service (DoS), CSRF, FMC authentication bypass, and MitM issues. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. .” Most of the vulnerability addressed by the IT giant can be exploited by remote, unauthenticated attackers. Pierluigi Paganini.

Advertising

Advertising Authentication Software Hacking

Zero-day in Cisco AnyConnect Secure Mobility Client yet to be fixed

Security Affairs

NOVEMBER 4, 2020

The CVE-2020-3556 flaw resided in the interprocess communication (IPC) channel of Cisco AnyConnect Client, it can be exploited by authenticated and local attackers to execute malicious scripts via a targeted user. “The vulnerability is due to a lack of authentication to the IPC listener. . Pierluigi Paganini.

Mobile

Mobile Authentication Advertising Software

Zerologon attack lets hackers to completely compromise a Windows domain

Security Affairs

SEPTEMBER 14, 2020

The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon requests, and it registers, authenticates, and locates Domain Controllers. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. published a detailed analysis of the flaw.

Authentication

Authentication Passwords Advertising Architecture

RDP brute-force attacks rocketed since beginning of COVID-19

Security Affairs

APRIL 30, 2020

Kaspersky recommends organizations to adopt the following security measures: At the very least, use strong passwords. Use Network Level Authentication (NLA). If possible, enable two-factor authentication. Use a reliable security solution. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Passwords

Passwords Advertising Authentication Hacking

Palo Alto Networks fixes a critical flaw in firewall PAN-OS

Security Affairs

JUNE 29, 2020

Palo Alto Networks addressed a critical flaw in the PAN-OS of its next-generation firewalls that could allow attackers to bypass authentication. OS ) that powers its next-generation firewalls that could allow unauthenticated network-based attackers to bypass authentication. x base score of 10. . x base score of 10. Pierluigi Paganini.

Firewall

Firewall Authentication VPN Advertising

Data belonging 44 Million Pakistani mobile users leaked online

Security Affairs

MAY 6, 2020

The dump was discovered by a Dubai-based cybersecurity firm Rewterz ( @rewterz ) that confirmed its authenticity and the Pakistan Telecommunication Authority (PTA) is investigating the matter. Please vote Security Affairs for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERS [link]. Pierluigi Paganini.

Mobile

Mobile Telecommunications Data breaches Advertising

MAGMI Magento plugin flaw allows remote code execution on a vulnerable site

Security Affairs

SEPTEMBER 2, 2020

An attacker can exploit the vulnerability to execute arbitrary code on servers running a website using the Magmi Magento plugin, he could trigger the flaw by tricking authenticated administrators into clicking a malicious link. “ CVE-2020-5777 is an authentication bypass vulnerability in MAGMI for Magento version 0.7.23

Authentication

Authentication Advertising Hacking Passwords

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Security Affairs

OCTOBER 10, 2020

The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon requests, and it registers, authenticates, and locates Domain Controllers. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cybercrime

Cybercrime Security Intelligence Authentication Banking

Experts demonstrate the PIN is useless in EMV contactless transactions

Security Affairs

AUGUST 29, 2020

Authentication to the terminal: All transactions accepted by the terminal are authenticated by the card and, if authorized online, the bank. Authentication to the bank: All the transactions accepted by the bank are authenticated by the card and the terminal. Pierluigi Paganini. SecurityAffairs – hacking, EMV).

Banking

Banking Computers and Electronics Authentication Advertising

U.S. CISA adds Versa Director bug to its Known Exploited Vulnerabilities catalog

Security Affairs

AUGUST 25, 2024

Exploitation requires successful authentication by a user with the necessary privileges. ” Versa Networks is aware of one confirmed customer reported instance where this vulnerability was exploited because the Firewall guidelines which were published in 2015 & 2017 were not implemented by that customer.”

Firewall

Firewall Authentication Hacking Risk

Expert found multiple critical issues in MoFi routers

Security Affairs

SEPTEMBER 8, 2020

“The authentication function contains undocumented code which provides the ability to authenticate as root without having to know the actual root password. An adversary with the private key can remotely authenticate to the management interface as root.” ” reads the advisory published by the expert.

Firmware

Firmware Authentication Wireless Advertising

Microsoft recommends Exchange admins to disable the SMBv1 protocol

Security Affairs

FEBRUARY 13, 2020

It also provides an authenticated inter-process communication mechanism. Since 2016, Microsoft is urging admins to stop using SMBv1, later versions of the protocol implemented security enhancements, such as encryption, pre- authentication integrity checks to prevent man-in-the-middle (MiTM) attacks, and insecure guest authentication blocking.

Authentication

Authentication Malware Advertising Hacking

Taiwanese vendor QNAP issues advisory on Zerologon flaw

Security Affairs

OCTOBER 22, 2020

The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon requests, and it registers, authenticates, and locates Domain Controllers. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Authentication

Authentication Advertising Architecture Cybercrime

Records of 45 million+ travelers to Thailand and Malaysia surfaced in the darkweb

Security Affairs

JULY 13, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

InfoSec

InfoSec Mobile Data breaches Advertising

UberEats data leaked on the dark web

Security Affairs

AUGUST 4, 2020

Cyble researchers provided the following recommendations: Never share personal information, including financial information over the phone, email or SMSs Use strong passwords and enforce multi-factor authentication where possible Regularly monitor your financial transaction, if you notice any suspicious transaction, contact your bank immediately.

Data breaches

Data breaches Banking Advertising Mobile

DHS CISA alert provides recommendations on securing Office 365 installs

Security Affairs

MAY 4, 2020

Please vote Security Affairs for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERS [link]. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – Office 365, CISA).

Authentication

Authentication Advertising Cyber Attacks Accountability

Ransomware attack disabled Georgia County Election database

Security Affairs

OCTOBER 26, 2020

A ransomware attack hit a Georgia county government early this month and disabled a database used to verify voter signatures in the authentication of absentee ballots. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. It is a common process to validate absentee ballots sent by mail by analyzing signatures.

Ransomware

Ransomware Advertising Media Government

Iran-linked APT is exploiting the Zerologon flaw in attacks

Security Affairs

OCTOBER 6, 2020

The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon requests, and it registers, authenticates, and locates Domain Controllers. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Authentication

Authentication Advertising Architecture Cyber Attacks

Change Healthcare Breach Hits 100M Americans

Microsoft linked attacks on SharePoint flaws to China-nexus actors

Trending Sources

Microsoft fixes two SharePoint zero-days under attack, but one is still unresolved - how to patch

5 Ways artificial intelligence Is Being Used to Keep Sensitive Information Secure

Expert earns $100,000 for ‘Sign in with Apple’ authentication bypass bug

Twitter allows users to use 2FA without a phone number

Cisco fixes critical and high-severity flaws in Data Center Network Manager

Trend Micro addresses two issues exploited by hackers in the wild

Cisco fixes critical issue in Cisco Firepower Management Center

Cisco fixes 5 critical flaws that could allow router firewall takeover

VMware addresses serious flaws in vRealize Operations for Horizon Adapter

Microsoft Patch Tuesday security updates for September 2024 addressed four actively exploited zero-days

Palo Alto Networks addresses tens of serious issues in PAN-OS

The German BSI agency recommends replacing Kaspersky antivirus software

Microsoft failed to fix LSASS elevation of privilege flaw

230k+ Indonesian COVID-19 patients’ records for sale in the Darkweb

Netgear fixes a critical RCE that could allow to takeover Flagship Nighthawk routers

Expert discloses 4 zero-days in IBM Data Risk Manager

Hackers are using Zerologon exploits in attacks in the wild

CISA adds 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog

New Cisco Webex Meetings flaw allows attackers to impersonate users

Cisco addresses multiple issues in its SD-WAN product

TeamViewer flaw can allow hackers to steal System password

Samba addresses the CVE-2020-1472 Zerologon Vulnerability

Threat actors are actively exploiting Zerologon flaw, Microsoft warns

Hackers are targeting recently patched WebLogic security vulnerability

Cisco addresses 17 high-severity flaws in security appliances

Zero-day in Cisco AnyConnect Secure Mobility Client yet to be fixed

Zerologon attack lets hackers to completely compromise a Windows domain

RDP brute-force attacks rocketed since beginning of COVID-19

Palo Alto Networks fixes a critical flaw in firewall PAN-OS

Data belonging 44 Million Pakistani mobile users leaked online

MAGMI Magento plugin flaw allows remote code execution on a vulnerable site

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Experts demonstrate the PIN is useless in EMV contactless transactions

U.S. CISA adds Versa Director bug to its Known Exploited Vulnerabilities catalog

Expert found multiple critical issues in MoFi routers

Microsoft recommends Exchange admins to disable the SMBv1 protocol

Taiwanese vendor QNAP issues advisory on Zerologon flaw

Records of 45 million+ travelers to Thailand and Malaysia surfaced in the darkweb

UberEats data leaked on the dark web

DHS CISA alert provides recommendations on securing Office 365 installs

Ransomware attack disabled Georgia County Election database

Iran-linked APT is exploiting the Zerologon flaw in attacks

Stay Connected