SecureList

FEBRUARY 26, 2025

Among notable techniques in Q4, attackers leveraged undocumented RPC interfaces and targeted the Windows authentication mechanism. According to Microsoft documentation ,msc files can be used for system administration. Statistics on registered vulnerabilities This section contains statistics on registered vulnerabilities.

Software 58

Software Authentication System Administration Malware 58

Krebs on Security

JANUARY 7, 2020

Second, this attack is not exactly new: In 2017, for instance, phishers used a similar technique to plunder accounts at Google’s Gmail service. Also, the resulting compromise is quite persistent and sidesteps two-factor authentication, and thus it seems likely we will see this approach exploited more frequently in the future.

Phishing 309

Phishing Passwords Accountability Authentication 309

eSecurity Planet

FEBRUARY 15, 2022

Audit user accounts with administrative privileges and configure access controls with least privilege in mind, and use multifactor authentication. CVE-2017-10271 : An easily exploitable vulnerability in Oracle’s middleware allows an unauthenticated attacker to compromise and potentially take over the Oracle WebLogic Server.

Ransomware 128

Ransomware Encryption Backups Accountability 128

Security Affairs

JUNE 8, 2022

“Upon gaining an initial foothold into a telecommunications organization or network service provider, PRC state-sponsored cyber actors have identified critical users and infrastructure including systems critical to maintaining the security of authentication, authorization, and accounting.

Telecommunications 100

Telecommunications Authentication Passwords Accountability 100

Security Affairs

APRIL 30, 2020

The threat actors leverage perfectly orchestrated social engineering technique by “persuading” people holding significant corporate positions to open a non-malicious PDF email attachment coming from an authentic address in their contacts. The page resembles an authentic Microsoft Office 365 file sharing page.

Phishing 137

Phishing Accountability Financial Services Cloud Migration 137

Thales Cloud Protection & Licensing

JANUARY 23, 2018

billion in 2017. To ensure a secure multi-tenant environment for consolidation, you need a solution that: adequately isolates security for specific tenants or customers; authorizes access to the data itself without allowing even systems administrators or privileged users to see the data; and. billion, up from $246.8

Cloud Migration 81

Cloud Migration System Administration Architecture Firewall 81

SecureWorld News

JUNE 18, 2020

Shared passwords and a failure to control access: "Most of our sensitive cyber weapons were not compartmented, users shared systems administrator-level passwords.". Day-to-day security practices had become woefully lax.". Lack of Data Loss Prevention (DLP) controls: ".there

Cybersecurity 97

Cybersecurity Authentication Government System Administration 97