Security Affairs

JUNE 16, 2022

Cisco addressed a critical bypass authentication flaw in Cisco Email Security Appliance (ESA) and Secure Email and Web Manager. Cisco addressed a critical bypass authentication vulnerability affecting Email Security Appliance (ESA) and Secure Email and Web Manager. SecurityAffairs – hacking, Cisco ESA). Pierluigi Paganini.

Authentication 89

Authentication Hacking Software Cybersecurity 89

Krebs on Security

JANUARY 30, 2024

Sources close to the investigation tell KrebsOnSecurity the accused was a key member of a criminal hacking group blamed for a string of cyber intrusions at major U.S. technology companies during the summer of 2022. stole at least $800,000 from at least five victims between August 2022 and March 2023. 9, 2024, U.S.

Social Engineering 320

Social Engineering Mobile Cybercrime Passwords 320

Security Affairs

APRIL 26, 2023

Pro-Russia hacking group Zarya caused a cybersecurity incident at a Canadian gas pipeline, the critical infrastructure sector is on alert. A Canadian gas pipeline suffered a cyber security incident, Canada’s top cyber official and Pro-Russia hacking group Zarya claimed the attack could have caused an explosion. intelligence documents.

Hacking 81

Hacking Cyber Attacks Education Media 81

Security Affairs

APRIL 7, 2022

Palo Alto Networks addressed a high-severity OpenSSL infinite loop vulnerability, tracked as CVE-2022-0778 , that affects some of its firewall, VPN, and XDR products. According to Palo Alto Networks, the CVE-2022-0778 vulnerability can be exploited by remote attackers to trigger a denial of service condition and crash vulnerable devices.

Firewall 93

Firewall VPN Cybercrime Software 93

Security Affairs

APRIL 24, 2023

“With this level of detail, impersonating network or internal hosts would be far simpler for an attacker, especially since the devices often contain VPN credentials or other easily cracked authentication tokens.” ” concludes the report.

Hacking 92

Hacking VPN Marketing Authentication 92

Security Affairs

JUNE 29, 2022

Researchers discovered a new flaw in RARlab’s UnRAR utility, tracked CVE-2022-30333, that can allow to remotely hack Zimbra Webmail servers. The vulnerability ultimately allows a remote attacker to execute arbitrary code on a vulnerable Zimbra instance without requiring any prior authentication or knowledge about it.”

Hacking 92

Hacking Authentication Government Information Security 92

Security Affairs

APRIL 13, 2023

Fortinet has addressed a critical vulnerability, tracked as CVE-2022-41331 (CVSS score of 9.3), in its Fortinet FortiPresence data analytics solution. Successful exploitation can lead to remote, unauthenticated access to Redis and MongoDB instances via crafted authentication requests. ” reads the advisory published by the vendor.

Authentication 81

Authentication Education Media Hacking 81

Security Affairs

MAY 26, 2022

Below is the list of the four vulnerabilities, the most severe one is a command injection flaw in some CLI commands tracked as CVE-2022-26532 (CVSS v3.1 CVE-2022-0910 : An authentication bypass vulnerability caused by the lack of a proper access control mechanism has been found in the CGI program of some firewall versions.

Firewall 121

Firewall VPN Authentication Cyber Attacks 121

Security Affairs

AUGUST 22, 2022

LockBit ransomware gang claims to have hacked the IT giant Entrust and started leaking the stolen files. The Lockbit ransomware gang claimed to have hacked the company and is threatening to leak the stolen files. Entrust blog still down on your left and official statement on your right. SecurityAffairs – hacking, Lockbit).

DDOS 85

DDOS Hacking InfoSec Ransomware 85

Security Affairs

APRIL 4, 2023

Mandiant researchers first observed this affiliate targeting Veritas issues in the wild on October 22, 2022. However, due to a vulnerability in the SHA Authentication scheme, an attacker is able to gain unauthorized access and complete the authentication process. CVSS score: 8.1).

Backups 93

Backups Ransomware Authentication Penetration Testing 93

SecureList

FEBRUARY 16, 2023

Fake donation sites started popping up after the Ukraine crisis broke out in 2022, pretending to accept money as aid to Ukraine. The pandemic The COVID-19 theme had lost relevance by late 2022 as the pandemic restrictions had been lifted in most countries. “Promotional campaigns by major banks” were a popular bait in 2022.

Phishing 97

Phishing Scams Accountability Energy and Utilities 97

Security Affairs

MAY 18, 2022

VMware addressed a critical authentication bypass vulnerability “affecting local domain users” in multiple products. The virtualization giant warns that a threat actor can exploit the flaw, tracked as CVE-2022-22972 (CVSSv3 base score of 9.8), to obtain admin privileges and urges customers to install patches immediately.

Authentication 83

Authentication Hacking Cybersecurity Information Security 83

Pentester Academy

APRIL 20, 2023

Lab Walkthrough — Authorization Bypass in RegexRequestMatcher [CVE-2022–22978] In our lab walkthrough series, we go through selected lab exercises on our INE Platform. Spring Security is a powerful and highly customizable authentication and access-control framework. It must be a route accessible to authenticated users.

Authentication 52

Authentication Risk Technology InfoSec 52

Security Affairs

JUNE 17, 2022

China-linked threat actors exploited the zero-day flaw CVE-2022-1040 in Sophos Firewall weeks before it was fixed by the security vendor. On March 25, Sophos announced to have fixed the authentication bypass vulnerability, tracked as CVE-2022-1040, that resides in the User Portal and Webadmin areas of Sophos Firewall.

Firewall 126

Firewall DNS Authentication Malware 126

Security Affairs

JUNE 5, 2022

This then granted the scam the appearance of authenticity and made it easier to dupe the NFT holders.” — Bored Ape Yacht Club (@BoredApeYC) June 4, 2022. This attack marks the third time the BAYC social media servers have been hacked by attackers this year. SecurityAffairs – hacking, Zyxel).

Phishing 132

Phishing Hacking Accountability Scams 132

Security Affairs

JUNE 21, 2022

Spooler service disabled, RPC filters installed to prevent PetitPotam and File Server VSS Agent Service not installed but you still want to relay DC authentication to ADCS? Don't worry MS-DFSNM have your back [link] pic.twitter.com/pTHePYLLMs — Filip Dragovic (@filip_dragovic) June 18, 2022. To nominate, please visit:?.

Authentication 117

Authentication Hacking Cybersecurity Information Security 117

Security Affairs

DECEMBER 13, 2022

Citrix urges customers to update their installs to fix actively exploited zero-day (CVE-2022-27518) in Citrix ADC and Gateway. Citrix urges administrators to apply security updates for a zero-day vulnerability, tracked as CVE-2022-27518, in Citrix ADC and Gateway. ” reads a blog post published by the technology giant.

Authentication 130

Authentication Hacking Technology Cybersecurity 130

Security Affairs

APRIL 28, 2023

The company also fixed a high-severity post-authentication command injection issue ( CVE-2023-27991 , CVSS score: 8.8) The vulnerability can be exploited by a remote, authenticated attacker to execute some OS commands. ” reads the advisory published by the vendor. affecting some specific firewall versions. through 5.35.

Firewall 94

Firewall Firmware VPN Authentication 94

Herjavec Group

MARCH 24, 2022

Being PCI compliant is essential to properly handle sensitive data including payment card data, cardholder data, and even sensitive authentication data. The fourth version of the PCI DDS launch date has not yet been specifically announced, however, the PCI SSC has declared it will be released before the end of March 2022. The Solution.

Architecture 98

Architecture Firewall Penetration Testing eCommerce 98

Security Affairs

MAY 25, 2023

D-Link fixed two critical flaws in its D-View 8 network management suite that could lead to authentication bypass and arbitrary code execution. in its D-View 8 network management suite that could be exploited by remote attackers to bypass authentication and execute arbitrary code. ” reads the advisory published by ZDI.

Firmware 93

Firmware Authentication Software Hacking 93

Security Affairs

APRIL 15, 2022

Cisco has released security patches to fix a critical vulnerability (CVSS score 10), tracked as CVE-2022-20695 , in Cisco Wireless LAN Controller (WLC). A remote, unauthenticated attacker could exploit the flaw to bypass authentication and log in to the device through the management interface. or Release 8.10.162.0 or Release 8.10.162.0

Wireless 88

Wireless Software Authentication Mobile 88

Security Affairs

APRIL 12, 2023

The most critical vulnerabilities are: CVE-2023-27267 : missing authentication and insufficient input validation in the OSCommand Bridge of SAP Diagnostics Agent, version 720, can be exploited by an attacker to execute scripts on connected Diagnostics Agents.

Education 83

Education Media Authentication Passwords 83

Security Boulevard

APRIL 6, 2022

We tried to use a Trello board, blog posts, Twitter updates, Slack channels, and other tools, but we heard these media are not always easy to follow. In March 2022, we published a month-long survey asking the community to react to various feature requests and new ideas so we could get a sense of what to prioritize in the coming year.

Engineering 69

Engineering Media Authentication Social Engineering 69

Security Affairs

APRIL 21, 2023

“A vulnerability in the web UI of Cisco IND could allow an authenticated, remote attacker to execute arbitrary commands with administrative privileges on the underlying operating system of an affected device.” ” reads the advisory. “This vulnerability is due to improper input validation when uploading a Device Pack.

Authentication 91

Authentication Education Media Hacking 91

Security Affairs

MAY 2, 2023

FortiGuard Labs researchers observed a worrisome level of attacks attempting to exploit an authentication bypass vulnerability in TBK DVR devices. Threat actors are attempting to exploit a five-year-old authentication bypass issue, tracked as CVE-2018-9995 (CVSS score of 9.8), in TBK DVR devices.

Authentication 98

Authentication Retail Surveillance Education 98

Security Affairs

JUNE 12, 2022

Below is the list of flaws discovered by the researchers: CVE Detail Summary Mercury Firmware Version CVSS Score CVE-2022-31479 Unauthenticated command injection <=1.291 Base 9.0, CVE-2022-31480 Unauthenticated denial-of-service <=1.291 Base 7.5, CVE-2022-31481 Unauthenticated remote code execution <=1.291 Base 10.0,

Firmware 87

Firmware Penetration Testing Manufacturing Authentication 87

Security Affairs

APRIL 8, 2023

Mandiant researchers first observed this affiliate targeting Veritas issues in the wild on October 22, 2022. Unlike other ALPHV affiliates, UNC4466 doesn’t rely on stolen credentials for initial access to victim environments.

Backups 81

Backups Spyware Ransomware Education 81

Security Affairs

APRIL 7, 2022

.” The flaws addressed by the company have been tracked as CVE-2022-22954, CVE-2022-22955, CVE-2022-22956, CVE-2022-22957, CVE-2022-22958, CVE-2022-22959, CVE-2022-22960, CVE-2022-22961. SecurityAffairs – hacking, VMware). To nominate, please visit:? Pierluigi Paganini.

Risk 89

Risk Authentication Hacking Cybersecurity 89

Security Affairs

APRIL 22, 2023

PaperCut MF/NG contains an improper access control vulnerability within the SetupCompleted class that allows authentication bypass and code execution in the context of system. CVE-2023-27350 (CVSS score – 9.8) – PaperCut MF/NG Improper Access Control Vulnerability.

Education 90

Education Media Authentication Cybersecurity 90

Security Affairs

MAY 5, 2022

The company addressed a total of 43 vulnerabilities, the most severe one is a critical issue tracked as CVE-2022-1388 (CVSS score of 9.8). F5 also addressed a couple of other important authentication bypass issues, tracked as CVE-2022-25946 and CVE-2022-27806 , in BIG-IP Guided Configuration and BIG-IP (ASM, Advanced WAF, APM).

Authentication 79

Authentication Cybersecurity Hacking Information Security 79

Security Affairs

APRIL 5, 2023

In late 2022, the researcher Sam Sabetan discovered a series of critical vulnerabilities in several smart devices manufactured by Nexx, including Smart Garage Door Openers, Alarms, and Plugs. .” Improper Authentication Validation CWE-287 ( CVE-2023–1752 , CVSS3.0: Improper Input Validation CWE-20 ( CVE-2023–1751 , CVSS3.0:

Manufacturing 91

Manufacturing Media Firewall Education 91

Security Affairs

APRIL 21, 2022

Cisco addressed a high severity vulnerability in the Cisco Umbrella Virtual Appliance (VA) , tracked as CVE-2022-20773, that could be exploited by an unauthenticated attacker to steal admin credentials remotely. SecurityAffairs – hacking, Cisco). “This vulnerability is due to the presence of a static SSH host key.

DNS 112

DNS Firewall Internet Internet 112

Security Affairs

JUNE 20, 2022

Cisco announced that it will not release updates to fix the CVE-2022-20825 flaw in end-of-life Small Business RV routers. Cisco will not release updates to address the CVE-2022-20825 RCE flaw in end-of-life Small Business RV routers and encourage upgrading to newer models. SecurityAffairs – hacking, Cisco). Pierluigi Paganini.

Small Business 87

Small Business Authentication Software Hacking 87

Security Affairs

APRIL 24, 2023

PaperCut MF/NG contains an improper access control vulnerability within the SetupCompleted class that allows authentication bypass and code execution in the context of system. The PoC code allows attackers to bypass authentication and execute code on vulnerable PaperCut servers. The issue results from improper access control.

Authentication 95

Authentication Software Education Malware 95

Security Affairs

MAY 4, 2023

In order to exploit the flaw, an attacker has to upgrade an affected device to a crafted version of the firmware. “This vulnerability is due to a missing authentication process within the firmware upgrade function.” ” reads the advisory published by Cisco.

Firmware 85

Firmware Education Media Authentication 85

The Last Watchdog

AUGUST 29, 2023

The threat of bad actors hacking into airplane systems mid-flight has become a major concern for airlines and operators worldwide. Back in 2015, a security researcher decided to make that very point when he claimed to have hacked a plane , accessed the thrust system, and made it fly higher than intended.

Software 264

Software Risk Artificial Intelligence Engineering 264

Security Affairs

JUNE 11, 2022

PACMAN is a new attack technique demonstrated against Apple M1 processor chipsets that could be used to hack macOS systems. PACMAN is a novel hardware attack technique that can allow attackers to bypass Pointer Authentication (PAC) on the Apple M1 CPU. ” reads the research paper published by the researchers.

Authentication 96

Authentication Artificial Intelligence Architecture Hacking 96