The Last Watchdog

JANUARY 25, 2021

Thanks to a couple of milestone hacks disclosed at the close of 2020 and start of 2021, they will forever be associated with putting supply-chain vulnerabilities on the map. Similarly, the SolarWinds and Mimecast hacks are precursors of increasingly clever and deeply-damaging hacks of the global supply chain sure to come.

Hacking 228

Hacking B2B Authentication Software 228

Security Affairs

FEBRUARY 27, 2020

Experts warn that hackers are actively scanning the Internet for Microsoft Exchange Servers vulnerable in the attempt to exploit the CVE-2020-0688 RCE. Hackers are actively scanning the Internet for Microsoft Exchange Servers affected by the CVE-2020-0688 remote code execution flaw. ” reported BleepingComputer.

Internet 100

Internet Internet Authentication Advertising 100

Security Affairs

JULY 8, 2021

CVE Identifier CWE Identifier CVSS score (Severity) Remediation CVE-2020-7388 CWE-290 : Unauthenticated Command Execution Bypass by Spoofing in AdxAdmin 10.0 Critical) Update available CVE-2020-7387 CWE-200 : Exposure of Sensitive Information to an Unauthorized Actor in AdxAdmin 5.3 SecurityAffairs – hacking, SAGE).

Hacking 110

Hacking Authentication VPN Software 110

Security Affairs

MAY 12, 2021

For instance, many smart home and internet-of-things devices are rarely updated, and Wi-Fi security is the last line of defense that prevents someone from attacking these devices. ” Summarizing, the design flaws discovered by the expert are: CVE-2020-24588 : aggregation attack (accepting non-SPP A-MSDU frames).

Hacking 130

Hacking Encryption Authentication Internet 130

Security Affairs

JULY 8, 2020

Early June, researchers at F5 Networks have addressed a critical remote code execution (RCE) vulnerability, tracked as CVE-2020-5902, that resides in undisclosed pages of Traffic Management User Interface (TMUI) of the BIG-IP product. The CVE-2020-5902 vulnerability received a CVSS score of 10, this means that is quite easy to exploit.

Advertising 126

Advertising InfoSec Government Healthcare 126

Security Affairs

JULY 18, 2020

Hackers have been scanning the Internet for SAP systems affected by RECON vulnerability, researchers from Bad Packets warn. Researchers from Bad Packets reported that threat actors have been scanning the Internet for SAP systems affected by RECON vulnerability , , tracked as CVE-2020-6287. Pierluigi Paganini.

Internet 82

Internet Internet Advertising Accountability 82

Security Boulevard

MARCH 18, 2021

From smart homes that enable you to control your thermostat from a distance to sensors on oil rigs that help predict maintenance to autonomous vehicles to GPS sensors implanted in the horns of endangered black rhinos , the internet of things is all around you. Source: DZone’s Edge Computing and IoT, 2020 . A Safer Internet of Things.

Internet 137

Internet Internet IoT Software 137

Security Affairs

APRIL 20, 2021

According to coordinated reports published by FireEye and Pulse Secure , two hacking groups have exploited a new zero-day vulnerability in Pulse Secure VPN equipment to break into the networks of US defense contractors and government organizations worldwide. SecurityAffairs – hacking, China). Pierluigi Paganini.

VPN 117

VPN Hacking Authentication Government 117

Security Affairs

MARCH 16, 2020

Organizations are delaying in patching Microsoft Exchange Server flaw (CVE-2020-0688) that Microsoft fixed with February 2020 Patch Day updates. Organizations are delaying in patching Microsoft Exchange Server flaw ( CVE-2020-0688 ) that Microsoft fixed with February 2020 Patch Day updates. Pierluigi Paganini.

Advertising 101

Advertising Authentication Internet Internet 101

Security Affairs

JULY 25, 2020

CISA is warning of the active exploitation of the unauthenticated remote code execution CVE-2020-5902 vulnerability affecting F5 Big-IP ADC devices. “This Alert also provides additional detection measures and mitigations for victim organizations to help recover from attacks resulting from CVE-2020-5902.

Advertising 114

Advertising Government Healthcare Education 114

Security Affairs

JUNE 13, 2020

There seems to be a new stealer in town called #TroyStealer , targeting Portuguese internet users EXE: [link] Exfil email address: domionhuby@gmail.com Has anyone seen this threat before? /cc cc @CNCSgovpt @sirpedrotavares pic.twitter.com/1bDK3BtYeE — abuse.ch (@abuse_ch) June 12, 2020. About the author Pedro Tavares.

Internet 115

Internet Internet Malware Banking 115

Security Affairs

MARCH 9, 2021

Supernova malware clues link Chinese threat group Spiral to SolarWinds server hacks. Supernova malware spotted on compromised SolarWinds Orion installs exposed on the Internets is likely linked to a China-linked espionage group. However, an additional characteristic of the August 2020 intrusion strengthens the Chinese connection.”

Hacking 88

Hacking Internet Internet Malware 88

The Last Watchdog

AUGUST 29, 2023

The threat of bad actors hacking into airplane systems mid-flight has become a major concern for airlines and operators worldwide. Back in 2015, a security researcher decided to make that very point when he claimed to have hacked a plane , accessed the thrust system, and made it fly higher than intended.

Software 264

Software Risk Artificial Intelligence Engineering 264

Krebs on Security

AUGUST 17, 2023

The INTERPOL statement says the platform sold hacking tools to compromise more than 70,000 users in 43 countries. ” According to the Indonesian security blog Cyberthreat.id , Saputra admitted being the administrator of 16Shop , but told the publication he handed the project off to others by early 2020. Image: ZeroFox.

Phishing 190

Phishing Passwords Internet Internet 190

Security Affairs

JUNE 23, 2021

In October last year, experts reported a critical stack-based Buffer Overflow vulnerability, tracked as CVE-2020-5135 , in SonicWall Network Security Appliance (NSA) appliances. This flaw exists pre-authentication and within a component (SSLVPN) which is typically exposed to the public Internet.”. Pierluigi Paganini.

VPN 89

VPN Firewall Firmware Authentication 89

Krebs on Security

DECEMBER 18, 2020

government cybersecurity agencies warned this week that the attackers behind the widespread hacking spree stemming from the compromise at network software firm SolarWinds used weaknesses in other, non-SolarWinds products to attack high-value targets. National Security Agency (NSA) warned on Dec. ” Indeed, the NSA’s Dec.

Software 358

Software Authentication Hacking Government 358

Krebs on Security

MAY 11, 2021

On deck this month are patches to quash a wormable flaw, a creepy wireless bug, and yet another reason to call for the death of Microsoft’s Internet Explorer (IE) web browser. ” Another curious bug fixed this month is CVE-2020-24587 , described as a “Windows Wireless Networking Information Disclosure Vulnerability.”

Wireless 275

Wireless Internet Internet Backups 275

CyberSecurity Insiders

FEBRUARY 23, 2022

A new malware developed by Sandworm hacking group has targeted appliances that are fire walled and reports are in that the military intelligence of the Russian Federation developed the malicious software. In the first half of 2020 alone, SonicWall registered over 3.2 billion malware attacks.

Firewall 132

Firewall Malware IoT Software 132

Security Affairs

MARCH 14, 2021

The most severe flaw is a critical RCE tracked as CVE-2020-26919 and rated with a CVSS v3 score of 9.8, failed to correctly implement access controls in one of its endpoints, allowing unauthenticated attackers to bypass authentication and execute actions with administrator privileges.” ” states the advisory.

Firmware 136

Firmware Authentication Hacking Software 136

Security Affairs

JANUARY 9, 2023

The crypto-miner Kinsing was first spotted by security firm Aqua Security in April 2020, at the time the experts spotted threat actors scanning the Internet for Docker servers running API ports exposed without a password. SecurityAffairs – hacking, Kubernetes). ” reads the post published by Microsoft. Pierluigi Paganini.

Malware 96

Malware Authentication Cryptocurrency Internet 96

SC Magazine

APRIL 21, 2021

They include a damaging bug that allows an unauthorized user to create administrative accounts on a network ( CVE-2021-20021 ) and two others that allow an already-authenticated attacker to read ( CVE-2021-20023 ) and upload ( CVE-2021-20022 ) files on the victim’s remote host. million SonicWall user groups.

Hacking 106

Hacking VPN Media Firewall 106

Security Affairs

JUNE 8, 2022

“Upon gaining an initial foothold into a telecommunications organization or network service provider, PRC state-sponsored cyber actors have identified critical users and infrastructure including systems critical to maintaining the security of authentication, authorization, and accounting. Enforce MFA on all VPN connections [ D3-MFA ].

Telecommunications 98

Telecommunications Authentication Passwords Accountability 98

Krebs on Security

JANUARY 30, 2024

Sources close to the investigation tell KrebsOnSecurity the accused was a key member of a criminal hacking group blamed for a string of cyber intrusions at major U.S. Multiple security firms soon assigned the hacking group the nickname “ Scattered Spider.” 9, 2024, U.S. technology companies during the summer of 2022.

Social Engineering 316

Social Engineering Mobile Cybercrime Passwords 316

Security Affairs

OCTOBER 1, 2020

Security researchers from Israeli firm OTORIO found critical vulnerabilities in leading industrial remote access systems that could be exploited by attackers to ban access to industrial production floors, hack into company networks, tamper with data, and even steal sensitive business secrets. Pierluigi Paganini.

Advertising 116

Advertising Authentication VPN Firewall 116

Security Affairs

FEBRUARY 3, 2020

L inear eMerge E3 smart building access systems designed by N ortek Security & Control (NSC) are affected by a severe vulnerability (CVE-2019-7256) that has yet to be fixed and attackers are actively scanning the internet for vulnerable devices. Passwords can be found in p roduct documentation and compiled lists available on the Internet.”

DDOS 85

DDOS Hacking Internet Internet 85

Identity IQ

FEBRUARY 16, 2022

The report also stated that the FBI received more than 1,600 SIM swap complaints in 2021, dramatically up from 320 from 2018 to 2020. It’s best to verify these requests by contacting your network provider or company to establish the authenticity before providing such details. Minimizing SIM Swapping Attacks.

Identity Theft 129

Identity Theft Authentication Accountability Banking 129

Security Affairs

SEPTEMBER 8, 2020

Researchers found multiple vulnerabilities in MoFi Network routers, including critical flaws that can be exploited to remotely hack a device. Probably the most interesting vulnerability is an undocumented backdoor, tracked as CVE-2020-15835, that can be exploited by attackers to gain root access to a router. Pierluigi Paganini.

Firmware 93

Firmware Wireless Authentication Advertising 93

Security Affairs

NOVEMBER 3, 2020

According to the experts, the attackers also used an exploit for a recently addressed zero-day vulnerability( CVE-2020-14871 ) in Oracle Solaris. 519 later, in mid-2020, researchers observed another Solaris server that was connecting to the infrastructure previously associated with the attackers. .”

Authentication 105

Authentication Telecommunications Advertising Internet 105

Malwarebytes

MARCH 2, 2022

This network used fake accounts and operated fictitious personas and brands across the internet — including on Facebook, Instagram, Twitter, YouTube, Telegram, Odnoklassniki and VK — to appear more authentic in an apparent attempt to withstand scrutiny by platforms and researchers.”

Government 114

Government Phishing Authentication Internet 114

Security Affairs

DECEMBER 15, 2021

Threat actors are using a malicious Internet Information Services (IIS) Server module, dubbed Owowa, to steal Microsoft Exchange credentials. Once a user has successfully authenticated on the OWA authentication web page, the Owawa module captures its credential. SecurityAffairs – hacking, Owowa). Pierluigi Paganini.

Encryption 109

Encryption Authentication Passwords Internet 109

Security Affairs

SEPTEMBER 23, 2020

The database containing personal information of over 600,000 clients of the US fitness chain Town Sports was exposed on the Internet. US fitness chain Town Sports has suffered a data breach, a database belonging to the company containing the personal information of over 600,000 people was exposed on the Internet. Pierluigi Paganini.

Data breaches 98

Data breaches Phishing Passwords Advertising 98

Security Affairs

JULY 22, 2021

Government experts reported that threat actors are targeting Pulse Secure devices since June 2020 by attempting to exploit multiple know vulnerabilities, including CVE-2019-11510 , CVE-2020-8260 , CVE-2020-8243 , CVE-2021-2289. If these services are required, use strong passwords or Active Directory authentication.

Malware 131

Malware Antivirus Passwords Firewall 131

Security Affairs

DECEMBER 15, 2020

The vulnerabilities ((CVE-2020-25183, CVE-2020-25187, CVE-2020-27252)) could be only exploited by an attacker within the Bluetooth range of the vulnerable product. The third vulnerability, tracked as CVE-2020-27252, is a race condition that could be leveraged to upload and execute unsigned firmware on the Patient Reader.

Firmware 107

Firmware Authentication Mobile IoT 107

Security Affairs

JUNE 23, 2020

The Shadowserver Foundation is a nonprofit security organization working altruistically behind the scenes to make the Internet more secure for everyone. The researchers scanned the Internet for printers that are exposing their Internet Printing Protocol (IPP) port online. and printers (or print servers).

Internet 103

Internet Internet Firmware Advertising 103

Security Affairs

MAY 28, 2020

Cisco discloses security breach that impacted VIRL-PE infrastructure, threat actors exploited SaltStack vulnerabilities to hack six company servers. These issues affect the following Cisco products running a vulnerable software release: Cisco Modeling Labs Corporate Edition (CML) Cisco Virtual Internet Routing Lab Personal Edition (VIRL-PE).

Advertising 76

Advertising Software Authentication Internet 76

Security Affairs

AUGUST 17, 2021

An authenticated attacker could execute arbitrary commands as the root user on the underlying system via the SAML server configuration page. Experts pointed out that the flaw could be chained with an authentication bypass flaw that could allow an attacker. SecurityAffairs – hacking, Fortinet). Pierluigi Paganini.

Authentication 100

Authentication VPN Internet Internet 100

The Last Watchdog

AUGUST 19, 2021

Related: Kaseya hack worsens supply chain risk. The configuration issue made this access point publicly available on the Internet. I’m going to speculate that the sudden shift to work-from-home in 2020 has led to quick decisions to meet immediate needs. Most immediately is the ubiquity of 2-factor authentication.

Mobile 306

Mobile Data breaches Authentication Accountability 306