Security Affairs

FEBRUARY 26, 2025

The two vulnerabilities are: CVE-2023-34192 Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability CVE-2024-49035 Microsoft Partner Center Improper Access Control Vulnerability The first vulnerability, CVE-2023-34192 (CVSS score: 9.0), is a cross-site scripting (XSS) issue in Synacor ZCS.

Authentication 103

Authentication Hacking Cybersecurity Risk 103

Security Affairs

NOVEMBER 14, 2023

VMware disclosed a critical bypass vulnerability in VMware Cloud Director Appliance that can be exploited to bypass login restrictions when authenticating on certain ports. “VMware Cloud Director Appliance contains an authentication bypass vulnerability in case VMware Cloud Director Appliance was upgraded to 10.5

Authentication 139

Authentication Hacking Information Security 139

Security Affairs

SEPTEMBER 3, 2023

Researcher released PoC exploit code for a recent critical flaw (CVE-2023-34039) in VMware Aria Operations for Networks. At the end of August, VMware released security updates to address two vulnerabilities in Aria Operations for Networks (formerly vRealize Network Insight), respectively tracked as CVE-2023-34039 (CVSS score: 9.8)

Authentication 136

Authentication Engineering Hacking Information Security 136

SecureList

MAY 14, 2024

Incident response analyst report 2023 As an information security company, our services include incident response and investigation, and malware analysis. Our annual Incident Response Report presents anonymized statistics on the cyberattacks we investigated in 2023. Read the full 2023 Incident Response Report (PDF).

Ransomware 129

Ransomware Passwords Authentication Government 129

Security Affairs

NOVEMBER 1, 2023

Experts warn that threat actors started exploiting the critical flaw CVE-2023-46747 in F5 BIG-IP installs less than five days after PoC exploit disclosure. F5 this week warned customers about a critical security vulnerability, tracked as CVE-2023-46747 (CVSS 9.8), that impacts BIG-IP and could result in unauthenticated remote code execution.

Authentication 133

Authentication Hacking Cybersecurity Information Security 133

Security Affairs

DECEMBER 17, 2024

In March 2023, Lumen Black Lotus Labs researchers uncovered a sophisticated campaign called HiatusRAT that infected over 100 edge networking devices globally. Starting in mid-June through August 2023, Black Lotus Labs observed multiple newly compiled versions of the HiatusRAT malware discovered in the wild.

Architecture 109

Architecture Internet Internet Malware 109

Security Affairs

OCTOBER 9, 2023

IBM observed a credential harvesting campaign that is targeting Citrix NetScaler gateways affected by the CVE-2023-3519 vulnerability. IBM’s X-Force researchers reported that threat actors are conducting a large-scale credential harvesting campaign exploiting the recent CVE-2023-3519 vulnerability (CVSS score: 9.8)

VPN 135

VPN Authentication Cyber Attacks Passwords 135

SecureList

MARCH 12, 2024

Profile of participants and applications We collected the data from a sample of the application security assessment projects our team completed in 2021–2023. Broken Authentication 5. Broken Authentication 5. Mitigation: implement authentication and authorization controls according to the role-based access model.

Passwords 138

Passwords Authentication Architecture Risk 138

Security Affairs

OCTOBER 25, 2023

Citrix warned of attacks actively exploiting the vulnerability CVE-2023-4966 in NetScaler ADC and Gateway appliances. Citrix is urging administrators to secure all NetScaler ADC and Gateway appliances against the CVE-2023-4966 vulnerability, which is actively exploited in attacks. reported Citrix. reported Citrix.

Authentication 136

Authentication VPN Hacking Government 136

Security Affairs

OCTOBER 2, 2023

Experts warn of threat actors actively exploiting CVE-2023-40044 flaw in recently disclosed flaw in Progress Software’s WS_FTP products. It was a bit shocking that we were able to reach the deserialization sink without any authentication.” All versions of WS_FTP Server are affected by these vulnerabilities.”

Authentication 131

Authentication Software Internet Internet 131

Security Affairs

SEPTEMBER 19, 2023

Researchers discovered approximately 12,000 Juniper SRX firewalls and EX switches vulnerable to a recently disclosed CVE-2023-36845 RCE flaw. VulnCheck researchers discovered approximately 12,000 internet-exposed Juniper SRX firewalls and EX switches that are vulnerable to the recently disclosed remote code execution flaw CVE-2023-36845.

Firewall 142

Firewall Internet Internet Authentication 142

Security Affairs

MARCH 8, 2024

The three flaws fixed are: CVE-2024-21899 : an improper authentication vulnerability could allow users to compromise the security of the system via a network. CVE-2024-21900 : an injection vulnerability could allow authenticated users to execute commands via a network. x QTS 5.1.3.2578 build 20231110 and later QTS 4.5.x

Authentication 136

Authentication Hacking Internet Internet 136

Security Affairs

MAY 1, 2025

SonicWall revealed that attackers actively exploited two security vulnerabilities, tracked as CVE-2023-44221 and CVE-2024-38475 , in its SMA100 Secure Mobile Access appliances. The company addressed the flaws with the following releases: CVE-2023-44221 – 10.2.1.10-62sv

Firmware 69

Firmware Mobile VPN Authentication 69

Security Affairs

MAY 2, 2025

An attacker can exploit the flaw to map URLs to file system locations that are permitted to be served by the server CVE-2023-44221 (CVSS score: 7.2) A remote authenticated attacker with administrative privilege can exploit the flaw to inject arbitrary commands as a nobody user, potentially leading to OS Command Injection Vulnerability.

Firmware 71

Firmware Authentication VPN Mobile 71

Security Affairs

OCTOBER 18, 2023

Experts reported that the vulnerability CVE-2023-4966 in Citrix NetScaler ADC/Gateway devices has been exploited in attacks since late August. On October 10, Citrix published a security bulletin related to a critical vulnerability, tracked as CVE-2023-4966, in Citrix NetScaler ADC/Gateway devices. ” reported Citrix.

Authentication 134

Authentication VPN Hacking Government 134

Security Affairs

OCTOBER 31, 2023

Researchers publicly released the exploit code for the critical Cisco IOS XE vulnerability tracked as CVE-2023-20198. ai publicly released the exploit code for the critical Cisco IOS XE vulnerability tracked as CVE-2023-20198. “[the PoC code] is an example request that bypasses authentication on vulnerable instances of IOS-XE.

Internet 140

Internet Internet Software Accountability 140

Security Affairs

NOVEMBER 29, 2023

Cloud identity and access management solutions provider Okta revealed additional threat actor activity linked to the October 2023 breach. Okta provided additional details about the October 2023 breach and revealed additional threat actor malicious activities. On Thursday, October 19, Okta advised customers of a security incident.

Social Engineering 133

Social Engineering Authentication Accountability Engineering 133

Security Affairs

OCTOBER 4, 2023

Software giant Atlassian released emergency security updates to address a critical zero-day vulnerability, tracked as CVE-2023-22515 (CVSS score 10), in its Confluence Data Center and Server software. The flaw CVE-2023-22515 is a privilege escalation vulnerability that affects Confluence Data Center and Server 8.0.0 and later.

Software 143

Software Accountability Authentication Internet 143

Security Affairs

DECEMBER 3, 2024

The ‘Bootkitty’ Linux UEFI bootkit exploits the LogoFAIL flaws (CVE-2023-40238) to target systems using vulnerable firmware. The bootkit hooks UEFI authentication functions to bypass the Secure Boot mechanism and patches GRUB boot loader functions to evade additional integrity verifications.

Firmware 108

Firmware Manufacturing Malware Authentication 108

Security Affairs

SEPTEMBER 28, 2023

Cisco released security updates for an actively exploited zero-day flaw (CVE-2023-20109) that resides in the GET VPN feature of IOS and IOS XE software. The vulnerability resides in the Group Encrypted Transport VPN (GET VPN) feature of IOS and IOS XE. ” reads the advisory published by the IT giant.

VPN 135

VPN Software Encryption Authentication 135

Krebs on Security

APRIL 27, 2023

Customers can access a Salesforce Community website in two ways: Authenticated access (requiring login), and guest user access (no login required). This misconfigured Salesforce Community site from the state of Vermont was leaking pandemic assistance loan application data, including names, SSNs, email address and bank account information.

Banking 343

Banking Government Information Security Authentication 343

Security Affairs

JUNE 29, 2023

Data protection firm Arcserve addressed an authentication bypass vulnerability in its Unified Data Protection (UDP) backup software. Data protection vendor Arcserve addressed a high-severity bypass authentication flaw, tracked as CVE-2023-26258, in its Unified Data Protection (UDP) backup software. Arcserve released UDP 9.1

Authentication 98

Authentication Backups Ransomware Software 98

Security Affairs

AUGUST 21, 2023

Ivanti warned customers of a new critical Sentry API authentication bypass vulnerability tracked as CVE-2023-38035. The software company Ivanti released urgent security patches to address a critical-severity vulnerability, tracked as CVE-2023-38035 (CVSS score 9.8), in the Ivanti Sentry (formerly MobileIron Sentry) product.

Authentication 98

Authentication Internet Internet Mobile 98

Joseph Steinberg

JANUARY 4, 2023

The term Zero Trust refers to a concept, an approach to information security that dramatically deviates from the common approach of yesteryear; Zero Trust states that no request for service is trusted, even if it is issued by a device owned by the resource’s owner, and is made from an internal, private network belonging to the same party.

Architecture 361

Architecture Artificial Intelligence Encryption Cybersecurity 361

Security Affairs

JUNE 20, 2023

Zyxel released security updates to address a critical vulnerability affecting its network-attached storage (NAS) devices. Zyxel released security updates to address a critical security flaw, tracked as CVE-2023-27992 (CVSS score: 9.8), affecting its network-attached storage (NAS) devices. in its firewall devices.

Firmware 98

Firmware Firewall Authentication VPN 98

Security Affairs

JUNE 20, 2023

VMware is warning customers that critical remote code execution vulnerability CVE-2023-20887 is being actively exploited in attacks. “VMware has confirmed that exploitation of CVE-2023-20887 has occurred in the wild,” reads the advisory. The vulnerability CVE-2023-20887 (CVSSv3 score of 9.8)

Authentication 98

Authentication Hacking Technology Information Security 98

Security Affairs

DECEMBER 3, 2023

Zyxel addressed tens of vulnerabilities that expose users to cyber attacks, including command injection and authentication bypass. The addressed issues are tracked as CVE-2023-35136 , CVE-2023-35139 , CVE-2023-37925 , CVE-2023-37926 , CVE-2023-4397 , CVE-2023-4398 , CVE-2023-5650 , CVE-2023-5797 , CVE-2023-5960.

Firewall 132

Firewall Authentication VPN Cyber Attacks 132

Security Affairs

AUGUST 24, 2023

Proof-of-concept exploit code for critical Ivanti Sentry authentication bypass flaw CVE-2023-38035 has been released. Researchers released a proof-of-concept (PoC) exploit code for critical Ivanti Sentry authentication bypass vulnerability CVE-2023-38035 (CVSS score 9.8). and prior. “If

Internet 98

Internet Internet Authentication Risk 98

Security Affairs

JUNE 7, 2023

Virtualization technology giant VMware released security patches to address three critical and high-severity vulnerabilities, tracked as CVE-2023-20887, CVE-2023-20888, CVE-2023-20889, in VMware Aria Operations for Networks. The vulnerability CVE-2023-20864 (CVSSv3 base score of 9.8) ” continues the advisory.

Authentication 98

Authentication Hacking Technology Information Security 98

Security Affairs

MAY 8, 2024

The issue is tracked as CVE-2023-49606 and received a CVSS score of 9.8. the code is only triggered after access list checks and authentication have succeeded. so if you use basic auth with a reasonably secure password or allow only specific trusted hosts you won’t have to worry. and Tinyproxy 1.10.0.

Internet 127

Internet Internet Passwords Authentication 127

Security Affairs

NOVEMBER 1, 2023

US CISA added two vulnerabilities, tracked as CVE-2023-46747 and CVE-2023-46748, in BIG-IP to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerabilities CVE-2023-46747 and CVE-2023-46748 in BIG-IP to its Known Exploited Vulnerabilities catalog.

Authentication 132

Authentication Hacking Risk Cybersecurity 132

Security Affairs

MAY 21, 2024

The other vulnerabilities impacting Network Attached Storage (NAS) discovered by WatchTowr code execution, buffer overflow, memory corruption, authentication bypass, and XSS issues impacting the security of Network Attached Storage (NAS) devices across different deployment environments.

Authentication 136

Authentication Accountability Social Engineering Hacking 136

Security Affairs

DECEMBER 28, 2023

Experts warn of an authentication bypass zero-day flaw that affects Apache OfBiz, an open-source Enterprise Resource Planning (ERP) system. Experts warn of a zero-day flaw that affects Apache OfBiz, an open-source Enterprise Resource Planning (ERP) system. ” reads the report published by SonicWall.

Authentication 141

Authentication Passwords Hacking Software 141

Security Affairs

NOVEMBER 13, 2023

US CISA added four vulnerabilities (tracked as CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, and CVE-2023-36847) in Juniper devices to its Known Exploited Vulnerabilities catalog. ” states the update published by the company on November 8 th 2023. Customers are urged to immediately upgrade.”

Firewall 138

Firewall Authentication Internet Internet 138

Security Affairs

NOVEMBER 15, 2023

SAP November 2023 Security Patch Day includes three new and three updated security notes. The most severe “hot news” is an improper access control vulnerability, tracked as CVE-2023-31403 (CVSS score of 9.6), that impacts SAP Business One product installation. ” reads the advisory.

Authentication 135

Authentication Hacking Software Information Security 135

Security Affairs

JULY 3, 2023

Researchers reported that there are 490,000 Fortinet firewalls exposing SSL VPN interfaces on the internet, and roughly 69% of them are still vulnerable to CVE-2023-27997. Bishop Fox’s Capability Development team built an exploit for the vulnerability CVE-2023-27997. ” states the analysis published by Bishop Fox.

Firewall 98

Firewall VPN Firmware Internet 98

Security Affairs

DECEMBER 19, 2023

CitrixBleed is a critical vulnerability, tracked as CVE-2023-4966 , in Citrix NetScaler ADC (Application Delivery Controller) software. The vulnerability was discovered by security researchers at Positive Technologies and disclosed to Citrix in October 10, 2023. ” reads the notice of a security incident.

Authentication 132

Authentication Data breaches Passwords Internet 132