2015, Authentication and Passwords - Cyber Security Informer

Kaseya Left Customer Portal Vulnerable to 2015 Flaw in its Own Software

Krebs on Security

JULY 8, 2021

Also on July 3, security incident response firm Mandiant notified Kaseya that their billing and customer support site — portal.kaseya.net — was vulnerable to CVE-2015-2862 , a “directory traversal” vulnerability in Kaseya VSA that allows remote users to read any files on the server using nothing more than a Web browser.

Software

Software Ransomware System Administration Authentication

TeamViewer flaw can allow hackers to steal System password

Security Affairs

AUGUST 11, 2020

A severe vulnerability impacting TeamViewer for Windows, tracked as CVE 2020-13699, could be exploited by remote attackers to steal the system password. TeamViewer has recently addressed a high-risk vulnerability ( CVE 2020-13699 ), that could be exploited by remote attackers to steal system password and potentially compromise it.

Passwords

Passwords Authentication Advertising Software

Experian, You Have Some Explaining to Do

Krebs on Security

JULY 10, 2022

In both cases the readers used password managers to select strong, unique passwords for their Experian accounts. Turner said he created the account at Experian in 2020 to place a security freeze on his credit file, and that he used a password manager to select and store a strong, unique password for his Experian account.

Accountability

Accountability Passwords Authentication Password Management

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Hacker leaks passwords for 900+ Pulse Secure VPN enterprise servers

Security Affairs

AUGUST 5, 2020

ZDNet reported in exclusive that a list of passwords for 900+ enterprise VPN servers has been shared on a Russian-speaking hacker forum. ZDNet has reported in exclusive that a list of plaintext usernames and passwords for 900 Pulse Secure VPN enterprise servers, along with IP addresses, has been shared on a Russian-speaking hacker forum.

VPN

VPN Passwords Banking Advertising

TP-Link Archer routers allow remote takeover without passwords

Security Affairs

DECEMBER 17, 2019

TP-Link has addressed a critical vulnerability impacting some TP-Link Archer routers that could allow attackers to login without passwords. ” The flaw could allow unauthorized third-party access to the router with admin privileges without proper authentication. .” ” continues the post. ” the expert concludes.

Passwords

Passwords Advertising Firmware Authentication

DRAGONBLOOD flaws allow hacking WPA3 protected WiFi passwords

Security Affairs

AUGUST 3, 2019

Dragonblood researchers found two new weaknesses in WPA3 protocol that could be exploited to hack WPA3 protected WiFi passwords. passwords. A group of researchers known as Dragonblood (Mathy Vanhoef and Eyal Ronen ) devised new methods to hack WPA3 protected WiFi passwords by exploiting two new vulnerabilities dubbed Dragonblood flaws.

Passwords

Passwords Hacking Wireless Authentication

Over 23 million breached accounts were using ‘123456’ as password

Security Affairs

APRIL 29, 2019

A cyber survey conducted by the United Kingdom’s National Cyber Security Centre (NCSC) revealed that ‘123456’ is still the most hacked password. Security experts at the United Kingdom’s National Cyber Security Centre (NCSC) analyzed the 100,000 most-commonly re-occurring breached passwords using data from Have I Been Pwned (HIBP).

Passwords

Passwords Accountability Data breaches Advertising

Facebook admitted to have stored millions of Instagram users’ passwords in plaintext

Security Affairs

APRIL 19, 2019

Other problems for Facebook that admitted to have stored m illions of Instagram users’ passwords in plaintext. In March, Facebook admitted to have stored the passwords of hundreds of millions of users in plain text, including “tens of thousands” passwords belonging to Instagram users as well.

Passwords

Passwords Advertising Accountability Authentication

A flaw in India Digilocker could?ve been exploited to bypass authentication

Security Affairs

JUNE 8, 2020

Any Indian DigiLocker Account Could’ve Been Accessed Without Password. The Indian Government fixed a flaw in the secure document wallet service Digilocker that could have potentially allowed anyone’s access without password. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Authentication

Authentication Mobile Accountability Passwords

Expert earns $100,000 for ‘Sign in with Apple’ authentication bypass bug

Security Affairs

JUNE 1, 2020

The expert Bhavuk Jain received an award of $100,000 for reporting a severe security issue in ‘Sign in with Apple’ authentication bypass bug that could allow the takeover of third-party user accounts. . The accounts are protected with two-factor authentication, and Apple does not track users’ activity in their app or website.

Authentication

Authentication Accountability Advertising Passwords

Microsoft removes Password-Expiration Policy in security baseline for Windows 10

Security Affairs

APRIL 28, 2019

Microsoft presented a series of security enhancements for its Windows 10, including the removal of the password-expiration policy. Microsoft announced the removal of the password-expiration policy from its operating system starting with the next Windows 10 feature update (Windows 10 version 1903, a.k.a., ” continues the post.

Passwords

Passwords Advertising Authentication Data breaches

Poloniex forces password reset following a data leak

Security Affairs

JANUARY 2, 2020

The Poloniex cryptocurrency exchange is forcing users to reset their passwords following a data leak. . Another bad news for the community of the virtual currencies communities, the Poloniex cryptocurrency exchange has forced its users to reset their passwords following a data leak. . This is a real email! Pierluigi Paganini.

Passwords

Passwords Cryptocurrency Data breaches Advertising

Trend Micro addressed two DLL Hijacking flaws in Trend Micro Password Manager

Security Affairs

AUGUST 17, 2019

Trend Micro addressed 2 DLL hijacking flaws in Trend Micro Password Manager that could allow malicious actors to escalate privileges and much more. The flaw, tracked as CVE-2019-14684, could allow an authenticated attacker to run with SYSTEM privileges an arbitrary, unsigned DLL file within a trusted process. . Another researcher, Tr?n

Password Management

Password Management Passwords Advertising Authentication

WPA3 attacks allow hackers to hack Wi-Fi password

Security Affairs

APRIL 10, 2019

Security researchers discovered weaknesses in WPA3 that could be exploited to recover WiFi passwords by abusing timing or cache-based side-channel leaks. Security researchers discovered weaknesses in WPA3 that could be exploited to recover WiFi passwords by abusing timing or cache-based side-channel leaks.

Passwords

Passwords Hacking Advertising Network Security

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Krebs on Security

JUNE 1, 2023

Code-signing certificates are supposed to help authenticate the identity of software publishers, and provide cryptographic assurance that a signed piece of software has not been altered or tampered with. One of Megatraffer’s ads on an English-language cybercrime forum. user account — this one on Verified[.]ru ru in 2008.

Malware

Malware Cybercrime Software Antivirus

Million password resets and 2FA codes exposed in unsecured Vovox DB

Security Affairs

NOVEMBER 17, 2018

Million of password resets and two-factor authentication codes exposed in unsecured Vovox DB. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. The post Million password resets and 2FA codes exposed in unsecured Vovox DB appeared first on Security Affairs. Pierluigi Paganini.

Passwords

Passwords Accountability Data breaches Advertising

E-Verify’s “SSN Lock” is Nothing of the Sort

Krebs on Security

JULY 4, 2020

After verifying my email address, I was asked to pick a strong password and select a form of multi-factor authentication (MFA). The most secure MFA option offered (a one-time code generated by an app like Google Authenticator or Authy) was already pre-selected, so I chose that.

Accountability

Accountability Passwords Authentication Insurance

A flaw in Microsoft OAuth authentication could lead Azure account takeover

Security Affairs

DECEMBER 3, 2019

The vulnerability affects the way Microsoft applications use OAuth for authentication, these applications trust certain third-party domains and sub-domains that are not registered by Microsoft. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. You can see more API calls documented here.”

Authentication

Authentication Accountability Social Engineering Advertising

Cisco Talos warns of hardcoded credentials in Alpine Linux Docker Images

Security Affairs

MAY 9, 2019

Since December 2015, Alpine Linux Docker images have been shipped with hardcoded credentials, a NULL password for the root user. 3) contain a NULL password for the root user. This vulnerability appears to be the result of a regression introduced in December 2015.” The bug received a CVSS score of 9.8,

Passwords

Passwords Advertising Authentication Accountability

Dailymotion forces password reset in response to credential stuffing Attack

Security Affairs

JANUARY 28, 2019

After the discovery of hacking attempts, the French firm logged users out and forced a password reset procedure by including in the notification a link to change the password and re-gain access to the account. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” continues the company.

Passwords

Passwords Data breaches Accountability Advertising

Great news, now you can protect your Zoom account with 2FA

Security Affairs

SEPTEMBER 11, 2020

Zoom has implemented two-factor authentication (2FA) to protect all user accounts against security breaches and other cyber attacks. Zoom has announced finally implemented the two-factor authentication (2FA) to protect all user accounts from unauthorized accesses. ” reads the announcement published by Zoom. Pierluigi Paganini.

Accountability

Accountability Authentication Advertising Passwords

Hackers are using Zerologon exploits in attacks in the wild

Security Affairs

SEPTEMBER 24, 2020

The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon requests, and it registers, authenticates, and locates Domain Controllers. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Security Intelligence

Security Intelligence Authentication Advertising Passwords

Hackers exploit SQL injection zero-day issue in Sophos firewall

Security Affairs

APRIL 26, 2020

The data for any specific firewall depends upon the specific configuration and may include usernames and hashed passwords for the local device admin(s), portal admins, and user accounts used for remote access.” ” “Passwords associated with external authentication systems such as AD or LDAP are unaffected.

Firewall

Firewall Passwords Accountability Advertising

‘The Manipulaters’ Improve Phishing, Still Fail at Opsec

Krebs on Security

APRIL 3, 2024

In May 2015, KrebsOnSecurity published a brief writeup about the brazen Manipulaters team, noting that they openly operated hundreds of web sites selling tools designed to trick people into giving up usernames and passwords, or deploying malicious software on their PCs. ” A number of questions, indeed. .

Phishing

Phishing Cybercrime Malware Advertising

Zerologon attack lets hackers to completely compromise a Windows domain

Security Affairs

SEPTEMBER 14, 2020

The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon requests, and it registers, authenticates, and locates Domain Controllers. This can then be used to obtain domain admin credentials and then restore the original DC password.”

Authentication

Authentication Passwords Advertising Architecture

ZoomEye IoT search engine cached login passwords for tens of thousands of Dahua DVRs

Security Affairs

JULY 16, 2018

A security researcher discovered that the IoT search engine ZoomEye has cached login passwords for tens of thousands of Dahua DVRs. The IoT search engine ZoomEye has cached login passwords for tens of thousands of Dahua DVRs, the discovery was made by security researcher Ankit Anubhav, Principal Researcher at NewSky Security.

IoT

IoT Engineering Passwords Firmware

NGINX zero-day vulnerability: Check if you’re affected

Malwarebytes

APRIL 13, 2022

Specifically, the NGINX LDAP reference implementation which uses LDAP to authenticate users of applications being proxied by NGINX. Companies store usernames, passwords, email addresses, printer connections, and other static data within directories. The reference implementation was announced in June 2015. The vulnerabilities.

Authentication

Authentication IoT Password Management Firmware

230k+ Indonesian COVID-19 patients’ records for sale in the Darkweb

Security Affairs

JUNE 21, 2020

Cyble has analyzed the data and confirmed its authenticity, it also indexed the record in its data breach monitoring and notification service AmiBreached.com. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Data breaches

Data breaches Mobile Advertising Authentication

TOKOPEDIA e-commerce hacked, 91 Million accounts available on the darkweb

Security Affairs

MAY 3, 2020

The hacker has shared 15 million user records calling for action in cracking the passwords that are hashed using the SHA2-384 hashing algorithm. The seller pointed out that the database didn’t contain the salt strings used by the hashing function, this means that cracking the passwords would be a more difficult.

Accountability

Accountability Hacking Passwords Data breaches

RDP brute-force attacks rocketed since beginning of COVID-19

Security Affairs

APRIL 30, 2020

. “Since the beginning of March, the number of Bruteforce.Generic.RDP attacks has rocketed across almost the entire planet” Attackers attempt to brute-force the username and password used to protect RDP access to systems exposed online, they can use combinations of random characters or leverage dictionary of most popular passwords.

Passwords

Passwords Advertising VPN Authentication

4 Million Quidd account details shared on hacking forums

Security Affairs

APRIL 14, 2020

Quidd , the online marketplace for trading stickers, cards, toys, and other collectibles, discloses a data breach in has suffered in 2019, it is also recommending users to change their passwords. One threat actor responded to the post stating that he has already cracked, or decrypted, nearly a million password hashes.”

Accountability

Accountability Hacking Data breaches Passwords

Cisco discovered several flaws in Sierra Wireless AirLink ES450 devices

Security Affairs

APRIL 27, 2019

Some of the flaws could be exploited to execute arbitrary code, modify passwords, and change system settings, Sierra Wireless AirLink gateways and routers are widely used in enterprise environments to connect industrial equipment, smart devices, sensors, point-of-sale (PoS) systems, and Industrial Control systems (ICSs). Pierluigi Paganini.

Wireless

Wireless Passwords IoT Retail

Google Cybersecurity Action Team Threat Horizons Report #5 Is Out!

Anton on Security

JANUARY 3, 2023

We anticipate an increase in targeting of identities that allow cross-platform authentication as actors recognise the value in compromising identities rather than endpoints. ” [A.C. — this Weak passwords continued to be the most common factor at 41% of observed compromises. However, API key compromise [ A.C. — take

Cybersecurity

Cybersecurity Backups DDOS Accountability

267 Million Facebook identities available for 500 euros on the dark web

Security Affairs

APRIL 20, 2020

Over 267 million Facebook profiles are offered for sale on dark web sites and hacker forums, the dump is offered for £500 ($623) and doesn’t include passwords. Hackers are offering for sale over 267 million Facebook profiles for £500 ($623) on dark web sites and hacker forums, the archive doesn’t include passwords.

Data breaches

Data breaches Passwords Advertising Phishing

Marriott discloses data breach impacting up to 5.2 Million guests

Security Affairs

MARCH 31, 2020

account number and points balance, but not passwords) Additional Personal Details (e.g., The company also disabled and forced the reset of the passwords of Marriott Bonvoy members impacted in the incident, it also prompted to enable multi-factor authentication. linked airline loyalty programs and numbers) Preferences (e.g.,

Data breaches

Data breaches Passwords Advertising Accountability

Massive attacks bypass MFA on Office 365 and G Suite accounts via IMAP Protocol

Security Affairs

MARCH 17, 2019

Threat actors targeted Office 365 and G Suite cloud accounts using the IMAP protocol to bypass multi-factor authentication (MFA). Over the past months, threat actors have targeted Office 365 and G Suite cloud accounts using the IMAP protocol to bypass multi-factor authentication (MFA). ” reads the study published by Proofpoint.

Accountability

Accountability Phishing Authentication Passwords

Samba addresses the CVE-2020-1472 Zerologon Vulnerability

Security Affairs

SEPTEMBER 23, 2020

The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon requests, and it registers, authenticates, and locates Domain Controllers. “An Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Vendors supporting Samba 4.7

Authentication

Authentication Advertising Architecture Passwords

Data for 600K customers of U.S. fitness chains Town Sports leaked online

Security Affairs

SEPTEMBER 23, 2020

“Fitness chain Town Sports International has exposed 600,000 records of members and employees on the web without a password or any other authentication required to access it, Comparitech researchers report.” ” The expert confirmed that the database did not contain financial data or account passwords. .”

Data breaches

Data breaches Phishing Passwords Advertising

Cisco Webex flaw allows unauthenticated remote attackers to join private meetings

Security Affairs

JANUARY 25, 2020

Cisco has addressed a high-severity flaw in the Cisco Webex video conferencing platform ( CVE-2020-3142) that could be exploited by a remote, unauthenticated attacker to enter a password-protected video conference meeting. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Mobile

Mobile Passwords Advertising Authentication

UberEats data leaked on the dark web

Security Affairs

AUGUST 4, 2020

Cyble researchers provided the following recommendations: Never share personal information, including financial information over the phone, email or SMSs Use strong passwords and enforce multi-factor authentication where possible Regularly monitor your financial transaction, if you notice any suspicious transaction, contact your bank immediately.

Banking

Banking Data breaches Mobile Advertising

Expert found multiple critical issues in MoFi routers

Security Affairs

SEPTEMBER 8, 2020

“The authentication function contains undocumented code which provides the ability to authenticate as root without having to know the actual root password. An adversary with the private key can remotely authenticate to the management interface as root.” ” reads the advisory published by the expert.

Firmware

Firmware Wireless Authentication Advertising

ShinyHunters leaked over 386 million user records from 18 companies

Security Affairs

JULY 28, 2020

BleepingComputer verified the authenticity of some of the exposed data and published the full list of the 18 archives leaked by the threat actor: Company User Records Reported Breach Date Known? The huge trove of data contains over 386 million user records, but only some of them included the user’s password. Appen.com 5.8

Passwords

Passwords Advertising Education Banking

CISA’s advisory warns of notable increase in LokiBot malware

Security Affairs

SEPTEMBER 22, 2020

The Lokibot malware has been active since 2015, it is an infostealer that was involved in many malspam campaigns aimed at harvest credentials from web browsers, email clients, admin tools and that was also used to target cryptocoin-wallet owners. If these services are required, use strong passwords or Active Directory authentication.

Malware

Malware Passwords Advertising Antivirus

Threat actors are actively exploiting Zerologon flaw, Microsoft warns

Security Affairs

OCTOBER 30, 2020

The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon requests, and it registers, authenticates, and locates Domain Controllers. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Authentication

Authentication Advertising Architecture Cybercrime

Kaseya Left Customer Portal Vulnerable to 2015 Flaw in its Own Software

TeamViewer flaw can allow hackers to steal System password

Webinars

Trending Sources

Experian, You Have Some Explaining to Do

Webinars

Hacker leaks passwords for 900+ Pulse Secure VPN enterprise servers

TP-Link Archer routers allow remote takeover without passwords

DRAGONBLOOD flaws allow hacking WPA3 protected WiFi passwords

Over 23 million breached accounts were using ‘123456’ as password

Facebook admitted to have stored millions of Instagram users’ passwords in plaintext

A flaw in India Digilocker could?ve been exploited to bypass authentication

Expert earns $100,000 for ‘Sign in with Apple’ authentication bypass bug

Microsoft removes Password-Expiration Policy in security baseline for Windows 10

Poloniex forces password reset following a data leak

Trend Micro addressed two DLL Hijacking flaws in Trend Micro Password Manager

WPA3 attacks allow hackers to hack Wi-Fi password

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Million password resets and 2FA codes exposed in unsecured Vovox DB

E-Verify’s “SSN Lock” is Nothing of the Sort

A flaw in Microsoft OAuth authentication could lead Azure account takeover

Cisco Talos warns of hardcoded credentials in Alpine Linux Docker Images

Dailymotion forces password reset in response to credential stuffing Attack

Great news, now you can protect your Zoom account with 2FA

Hackers are using Zerologon exploits in attacks in the wild

Hackers exploit SQL injection zero-day issue in Sophos firewall

‘The Manipulaters’ Improve Phishing, Still Fail at Opsec

Zerologon attack lets hackers to completely compromise a Windows domain

ZoomEye IoT search engine cached login passwords for tens of thousands of Dahua DVRs

NGINX zero-day vulnerability: Check if you’re affected

230k+ Indonesian COVID-19 patients’ records for sale in the Darkweb

TOKOPEDIA e-commerce hacked, 91 Million accounts available on the darkweb

RDP brute-force attacks rocketed since beginning of COVID-19

4 Million Quidd account details shared on hacking forums

Cisco discovered several flaws in Sierra Wireless AirLink ES450 devices

Google Cybersecurity Action Team Threat Horizons Report #5 Is Out!

267 Million Facebook identities available for 500 euros on the dark web

Marriott discloses data breach impacting up to 5.2 Million guests

Massive attacks bypass MFA on Office 365 and G Suite accounts via IMAP Protocol

Samba addresses the CVE-2020-1472 Zerologon Vulnerability

Data for 600K customers of U.S. fitness chains Town Sports leaked online

Cisco Webex flaw allows unauthenticated remote attackers to join private meetings

UberEats data leaked on the dark web

Expert found multiple critical issues in MoFi routers

ShinyHunters leaked over 386 million user records from 18 companies

CISA’s advisory warns of notable increase in LokiBot malware

Threat actors are actively exploiting Zerologon flaw, Microsoft warns

Stay Connected