Security Affairs

MARCH 7, 2023

Recently, the password management software firm disclosed a “second attack,” a threat actor used data stolen from the August security breach and combined it with information available from a third-party data breach. “We have recently been made aware of a security vulnerability related to Plex Media Server.

Software 97

Software Hacking Data breaches Media 97

Security Affairs

MAY 20, 2020

VMware has addressed a high-severity remote code execution vulnerability, tracked as CVE-2020-3956, that affects its Cloud Director product. VMware has patched a high-severity remote code execution vulnerability, tracked as CVE-2020-3956, in its Cloud Director product. ” reads the security advisory published by VMware.

Authentication 91

Authentication Advertising Hacking Risk 91

Security Affairs

NOVEMBER 2, 2020

Oracle issued an out-of-band security update to address a critical remote code execution issue (CVE-2020-14750) impacting multiple Oracle WebLogic Server versions. The advisory states that this vulnerability is related to the CVE-2020-14882 flaw that was addressed in the October 2020 Critical Patch Update. . 12.2.1.4.0,

Advertising 101

Advertising Authentication Passwords Hacking 101

Security Affairs

OCTOBER 4, 2020

HP released a security advisory that includes details for three critical and high severity vulnerabilities, tracked as CVE-2020-6925, CVE-2020-6926, and CVE-2020-6927, that impact the HP Device Manager. Base Score CVE-2020-6925 Weak Cipher All versions of HP Device Manager 7.0

Hacking 131

Hacking Accountability Passwords InfoSec 131

Security Affairs

MAY 12, 2021

.” Summarizing, the design flaws discovered by the expert are: CVE-2020-24588 : aggregation attack (accepting non-SPP A-MSDU frames). CVE-2020-24587 : mixed key attack (reassembling fragments encrypted under different keys). CVE-2020-26140 : Accepting plaintext data frames in a protected network. Pierluigi Paganini.

Hacking 127

Hacking Encryption Authentication Internet 127

Security Affairs

JULY 8, 2020

Early June, researchers at F5 Networks have addressed a critical remote code execution (RCE) vulnerability, tracked as CVE-2020-5902, that resides in undisclosed pages of Traffic Management User Interface (TMUI) of the BIG-IP product. The CVE-2020-5902 vulnerability received a CVSS score of 10, this means that is quite easy to exploit.

Advertising 118

Advertising InfoSec Government Healthcare 118

Security Affairs

FEBRUARY 16, 2024

Cisco addressed the flaw in May 2020. For more information about Exchange Server’s support for Extended Protection for Authentication(EPA), please see Configure Windows Extended Protection in Exchange Server.” ” reads the advisory published by Microsoft.

Authentication 110

Authentication Hacking Cybersecurity Risk 110

Security Affairs

MAY 4, 2021

This is not the first time that experts disclose vulnerabilities in EXIM software, in May 2020 the U.S. Experts announced they will not publish that exploits for now.

Hacking 111

Hacking Software Engineering Encryption 111

Security Affairs

MAY 4, 2020

Hackers are conducting a mass-scanning the Internet for vulnerable Salt installs that could allow them to hack the organizations, the last victim is the Ghost blogging platform. The two flaws, tracked as CVE-2020-11651 and CVE-2020-11652, are a directory traversal issue and an authentication bypass vulnerability respectively.

Internet 111

Internet Internet Hacking Advertising 111

Security Affairs

APRIL 20, 2021

According to coordinated reports published by FireEye and Pulse Secure , two hacking groups have exploited a new zero-day vulnerability in Pulse Secure VPN equipment to break into the networks of US defense contractors and government organizations worldwide. ” reads the advisory published by Pulse Secure. .”

VPN 114

VPN Hacking Authentication Government 114

Security Affairs

JULY 25, 2020

CISA is warning of the active exploitation of the unauthenticated remote code execution CVE-2020-5902 vulnerability affecting F5 Big-IP ADC devices. “This Alert also provides additional detection measures and mitigations for victim organizations to help recover from attacks resulting from CVE-2020-5902.

Advertising 106

Advertising Government Healthcare Education 106

Security Affairs

APRIL 14, 2020

The details of around four million users are now being shared for free on underground hacking forums, according to ZDNet that has obtained samples from different sources, exposed records include usernames, email addresses, and hashed account passwords (bcrypt hashing algorithm). . ” reads the post published Risk Based Security.

Accountability 139

Accountability Hacking Data breaches Passwords 139

Security Affairs

MAY 4, 2020

Around 8PM PST on May 2nd, 2020 an attacker used a CVE in our saltstack master to gain access to our infrastructure. — LineageOS (@LineageAndroid) May 3, 2020. The two flaws, tracked as CVE-2020-11651 and CVE-2020-11652, are a directory traversal issue and an authentication bypass vulnerability respectively.

Hacking 93

Hacking Advertising Authentication Mobile 93

Security Affairs

SEPTEMBER 21, 2020

Over 500,000 Activision accounts may have been hacked in a new data breach that the gaming firm suffered on September 20. “All Call of Duty players should be on notice after a major Activision hack has left millions of accounts in limbo.” Activision @ATVIAssist [link] — Okami (@Okami13_) September 21, 2020.

Hacking 107

Hacking Data breaches Accountability Passwords 107

Security Affairs

DECEMBER 7, 2020

The US National Security Agency has published a security alert warning that Russian state-sponsored hackers are exploiting the recently patched CVE-2020-4006 VMware flaw to steal sensitive information from their targets. SecurityAffairs – hacking, NSA). . SecurityAffairs – hacking, NSA).

System Administration 101

System Administration Authentication Hacking Cybersecurity 101

Security Affairs

JULY 2, 2020

Apache Guacamole allows users within an organization to remotely access their desktops simply using a web browser post an authentication process. In particular, all versions of Guacamole that were released before January 2020 are using vulnerable versions of FreeRDP.” SecurityAffairs – hacking, Apache Guacamole). .”

Hacking 124

Hacking Risk System Administration Authentication 124

Security Affairs

MARCH 16, 2020

Organizations are delaying in patching Microsoft Exchange Server flaw (CVE-2020-0688) that Microsoft fixed with February 2020 Patch Day updates. Organizations are delaying in patching Microsoft Exchange Server flaw ( CVE-2020-0688 ) that Microsoft fixed with February 2020 Patch Day updates. Pierluigi Paganini.

Advertising 95

Advertising Authentication Internet Internet 95

Security Affairs

JANUARY 22, 2021

Realmode Labs reported the flaws to Amazon on October 17 and the company released security updates to address them on December 10, 2020. The experts discovered that Amazon did not verify the authenticity of the email sender, this means that attackers can spoof an email address that is present in the list of approved addresses.

Hacking 135

Hacking Authentication Firmware Phishing 135

Security Affairs

JUNE 2, 2020

This week Apple released security patches to address the CVE-2020-9859 zero-day vulnerability that had been used to jailbreak iPhones devices. Apple released security patches to address the CVE-2020-9859 zero-day vulnerability in the iOS kernel that had been used to jailbreak iPhones. Pwn20wnd states that #unc0ver v5.0.0

Advertising 101

Advertising Mobile Authentication Software 101

Security Affairs

JUNE 23, 2021

In October last year, experts reported a critical stack-based Buffer Overflow vulnerability, tracked as CVE-2020-5135 , in SonicWall Network Security Appliance (NSA) appliances. This flaw exists pre-authentication and within a component (SSLVPN) which is typically exposed to the public Internet.”. Pierluigi Paganini.

VPN 85

VPN Firewall Firmware Authentication 85

Security Affairs

JULY 14, 2020

The company confirmed the security breach over the weekend, it revealed that unknown threat actors accessed a partner’s systems in June stealing user information. The company confirmed that the an investigation into the hack is still ongoing. SecurityAffairs – hacking, LiveAuctioneers ). million LiveAuctioneers users.”

Hacking 100

Hacking Data breaches Identity Theft Advertising 100

Security Affairs

MAY 6, 2020

Experts from security firm Cyble Inc discovered that a threat actor is offering the user database, containing 21,909,707 records, for $2,000. The analysis of creation data for the records in the database revealed that the last creation date is January 26th, 2020, a circumstance that suggests that the hack took place in the same period.

Accountability 102

Accountability Hacking Data breaches Advertising 102

Security Affairs

JUNE 1, 2020

The expert Bhavuk Jain received an award of $100,000 for reporting a severe security issue in ‘Sign in with Apple’ authentication bypass bug that could allow the takeover of third-party user accounts. . The accounts are protected with two-factor authentication, and Apple does not track users’ activity in their app or website.

Authentication 88

Authentication Accountability Advertising Passwords 88

Security Affairs

JANUARY 12, 2024

In December, experts warned of an authentication bypass zero-day flaw that affects Apache OfBiz, an open-source Enterprise Resource Planning (ERP) system. An attacker can trigger the vulnerability, tracked as CVE-2023-51467 , to bypass authentication to achieve a simple Server-Side Request Forgery (SSRF). in the Apache OfBiz.

Authentication 126

Authentication Software Passwords Hacking 126

Security Affairs

OCTOBER 26, 2022

Cisco is warning of exploitation attempts targeting two security flaws, tracked as CVE-2020-3153 (CVSS score: 6.5) and CVE-2020-3433 (CVSS score: 7.8), in the Cisco AnyConnect Secure Mobility Client for Windows. Both vulnerabilities are dated 2020 and are now patched. SecurityAffairs – hacking, Cisco).

Mobile 102

Mobile Authentication Hacking Risk 102

Security Affairs

MARCH 9, 2021

Supernova malware clues link Chinese threat group Spiral to SolarWinds server hacks. The attackers were observed exploiting the CVE-2020-10148 authentication bypass issue in the SolarWinds Orion API to remotely execute API commands. If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

Hacking 82

Hacking Internet Internet Malware 82

Security Affairs

NOVEMBER 11, 2021

The hacked server was used by the company to manage customer information for the Queensland water supplier. The security breach took place between August 2020 and May 2021, the intrusion has been attributed to a financially motivated attacker that deployed a custom implant to redirect visitor traffic to an online video platform.

Hacking 88

Hacking Passwords Government Security Awareness 88

Security Affairs

JUNE 23, 2023

CVE-2023-20867 : VMware Tools Authentication Bypass Vulnerability – VMware Tools contains an authentication bypass vulnerability in the vgauth module. A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine.

Authentication 90

Authentication Hacking Cybersecurity Risk 90

Security Affairs

FEBRUARY 17, 2020

The popular hacker group OurMine has hacked the official Twitter account of the FC Barcelona, along with the accounts of Olympics and the International Olympic Committee (IOC). The popular hacker group has hacked the official Twitter account of the FC Barcelona, along with the accounts of and the International Olympic Committee (IOC).

Accountability 89

Accountability Hacking Advertising Media 89

Security Affairs

APRIL 3, 2020

An authenticated stored cross-site scripting (XSS) vulnerability could allow attackers to create rogue admins on WordPress sites using Contact Form 7 Datepicker plugin. “ The plugin has been closed on April 1, 2020, and is no more available for download. . link] — Wordfence (@wordfence) April 2, 2020.

Hacking 101

Hacking Advertising Authentication Accountability 101

Security Affairs

MARCH 13, 2020

the most severe one is an unauthenticated Stored Cross-Site Scripting (XSS) tracked as CVE-2020-10196 that received a CVSS Score of 8.3 The flaw tracked CVE-2020-10195 is classified as an Authenticated Settings Modification, Configuration Disclosure, and User Data Export. SecurityAffairs – hacking , PoPup Builder).

Hacking 91

Hacking Advertising Authentication Cyber Attacks 91

Security Affairs

SEPTEMBER 10, 2021

It seems that the Umoja account used in the attacks wasn’t not protected with two-factor authentication because the security feature was made available only in July by the software vendor. SecurityAffairs – hacking, United Nations). According to the report, attackers did not access passwords. Pierluigi Paganini.

Hacking 116

Hacking Data breaches Cyber Attacks Software 116

Security Affairs

MARCH 14, 2021

The most severe flaw is a critical RCE tracked as CVE-2020-26919 and rated with a CVSS v3 score of 9.8, failed to correctly implement access controls in one of its endpoints, allowing unauthenticated attackers to bypass authentication and execute actions with administrator privileges.” ” states the advisory.

Firmware 134

Firmware Authentication Hacking Software 134

Security Affairs

OCTOBER 30, 2020

The CVE-2020-1472 flaw is an elevation of privilege that resides in the Netlogon. The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon requests, and it registers, authenticates, and locates Domain Controllers.

Authentication 133

Authentication Advertising Architecture Cybercrime 133

Security Affairs

APRIL 21, 2024

A joint advisory published by CISA, the FBI, Europol, and the Netherlands’ National Cyber Security Centre (NCSC-NL) revealed that since early 2023, Akira ransomware operators received $42 million in ransom payments from more than 250 victims worldwide. The attackers mostly used Cisco vulnerabilities CVE-2020-3259 and CVE-2023-20269.

Ransomware 105

Ransomware Encryption Antivirus VPN 105

Security Affairs

OCTOBER 6, 2019

Microsoft says that the Iran-linked cyber-espionage group tracked as Phosphorus (aka APT35 , Charming Kitten , Newscaster , and Ajax Security Team) a 2020 presidential campaign. Microsoft notified all the impacted users about the hacks and provided supports to the victims to secure their accounts. Pierluigi Paganini.

Accountability 75

Accountability Passwords Advertising Government 75

Security Affairs

SEPTEMBER 24, 2020

Microsoft is actively tracking threat actor activity using exploits for the CVE-2020-1472 Netlogon EoP vulnerability, dubbed Zerologon. — Microsoft Security Intelligence (@MsftSecIntel) September 24, 2020. We strongly recommend customers to immediately apply security updates for CVE-2020-1472.

Security Intelligence 129

Security Intelligence Authentication Advertising Passwords 129