Security Affairs

JANUARY 25, 2025

The duo found Subaru’s admin panel hosted on a subdomain, allowing password resets for employee accounts without confirmation, bypassing two-factor authentication. Researchers used the valid employee email to reset the password, bypass two-factor authentication, and gain access to the panels functionality. ” wrote Curry.

Hacking 127

Hacking Accountability Authentication Passwords 127

Krebs on Security

DECEMBER 18, 2024

A scammer called using a real Google phone number to warn his Gmail account was being hacked, sent email security alerts directly from google.com, and ultimately seized control over the account by convincing him to click “yes” to a Google prompt on his mobile device. Nevertheless, Soundcloud removed the audio file.

Cryptocurrency 363

Cryptocurrency Accountability Authentication Phishing 363

Security Affairs

OCTOBER 20, 2024

F5 addressed two vulnerabilities in BIG-IP and BIG-IQ enterprise products, respectively tracked as CVE-2024-45844 and CVE-2024-47139. An authenticated attacker, with Manager role privileges or higher, could exploit the vulnerability CVE-2024-45844 to elevate privileges and compromise the BIG-IP system.

Authentication 138

Authentication Hacking Technology Information Security 138

Security Affairs

NOVEMBER 7, 2024

Google as usual did not share details about the attacks exploiting the above vulnerability, however, it added that another issue, tracked as CVE-2024-43047, is actively exploited in the wild. CVE-2024-43093 CVE-2024-43047″ reads the security bulletin published by Google. Versions up to 2.3.6 and unpatched 2.3.7

Firewall 127

Firewall Authentication Accountability Risk 127

Krebs on Security

NOVEMBER 1, 2024

Booking.com said it now requires 2FA , which forces partners to provide a one-time passcode from a mobile authentication app (Pulse) in addition to a username and password. One post last month on the Russian-language hacking forum BHF offered up to $5,000 for each hotel account.

Phishing 276

Phishing Accountability Artificial Intelligence Cybercrime 276

Security Affairs

OCTOBER 19, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added the Veeam Backup and Replication flaw CVE-2024-40711 (CVSS score of 9.8) This week, Sophos researchers warned that ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware.

Backups 132

Backups Ransomware VPN Authentication 132

Security Affairs

NOVEMBER 13, 2024

Two of these vulnerabilities, tracked as CVE-2024-45421 and CVE-2024-45419, are high-severity issues that remote attackers could exploit to escalate privileges or leak sensitive information. The vulnerability CVE-2024-45421 (CVSS score of 8.5) is a buffer overflow issue that an authenticated attacker could exploit.

Authentication 116

Authentication Mobile Hacking Information Security 116

Krebs on Security

JUNE 15, 2024

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider , a cybercrime group suspected of hacking into Twilio , LastPass , DoorDash , Mailchimp , and nearly 130 other organizations over the past two years. In January 2024, U.S.

Hacking 344

Hacking Cybercrime Phishing Passwords 344

Security Affairs

APRIL 10, 2025

The hacker has published 10,000 customer records, a file showing Oracle Cloud access, user credentials, and an internal video as proof of the hack. ” BleepingComputer also reported that multiple companies confirmed the leaked Oracle data as authentic, including accurate LDAP names, emails, and other identifiers. This is not okay.

Hacking 122

Hacking Data breaches Encryption Authentication 122

Security Affairs

OCTOBER 11, 2024

As of September 5, 2024, the Internet Archive held more than 42.1 Starting from Wednesday, the website archive.org was displaying a message informing visitors that it was hacked. Internet Archive hacked. million print materials, 13 million videos, 1.2 Hunt will add the information of the impacted users to HIBP very soon.

Data breaches 123

Data breaches Internet Internet DDOS 123

Security Affairs

DECEMBER 11, 2024

Ivanti addressed a critical authentication bypass vulnerability impacting its Cloud Services Appliance (CSA) solution. Ivanti addressed a critical authentication bypass vulnerability, tracked as CVE-2024-11639 (CVSS score of 10), in its Cloud Services Appliance (CSA) solution. ” reads the advisory published by the company.

Authentication 106

Authentication Software Hacking Information Security 106

Security Affairs

DECEMBER 6, 2024

Cybersecurity and Infrastructure Security Agency (CISA)added the CyberPanelflaw CVE-2024-51378 (CVSS score: 10.0) Remote attackers could bypass authentication and execute arbitrary commands by exploiting a flaw in secMiddleware , which only validates POST requests. . to its Known Exploited Vulnerabilities (KEV) catalog.

DNS 110

DNS Authentication Ransomware Hacking 110

Security Affairs

NOVEMBER 2, 2024

Hackers are exploiting two zero-day vulnerabilities, tracked as CVE-2024-8956 and CVE-2024-8957, in PTZOptics cameras. Threat actors are attempting to exploit two zero-day vulnerabilities, tracked as CVE-2024-8956 and CVE-2024-8957 , in PTZOptics pan-tilt-zoom (PTZ) live streaming cameras, GretNoise researchers warn.

Firmware 123

Firmware Manufacturing IoT Healthcare 123

Security Affairs

NOVEMBER 9, 2024

A critical flaw, tracked as CVE-2024-40711, in Veeam Backup & Replication (VBR) was also recently exploited to deploy Frag ransomware. In mid-October, Sophos researchers warned that ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware.

Backups 134

Backups Ransomware VPN Accountability 134

Security Affairs

FEBRUARY 20, 2025

Citrix released security updates to address a high-severity security vulnerability, tracked as CVE-2024-12284 (CVSS score of 8.8) The company pointed out that only authenticated users with existing access to the NetScaler Console can exploit this vulnerability. impacting NetScaler Console (formerly NetScaler ADM) and NetScaler Agent.

Authentication 120

Authentication Software Hacking Information Security 120

Security Affairs

FEBRUARY 3, 2025

The February 2025 Android security updates addressed 48 vulnerabilities, including a zero-day flaw, tracked as CVE-2024-53104 , which is actively exploited in attacks in the wild. “There are indications that CVE-2024-53104 may be under limited, targeted exploitation.” ” reads Google’s bulletin.

Media 117

Media Authentication Hacking Accountability 117

Security Affairs

JANUARY 19, 2025

A severe vulnerability, tracked as CVE-2024-12365 (CVSS score of 8.5) The vulnerability allows authenticated attackers with Subscriber access to exploit a missing capability check, leading to information disclosure. in the WordPress W3 Total Cache plugin could expose metadata from internal services and cloud apps.

Consumer Services 127

Consumer Services Authentication Hacking 127

Security Affairs

FEBRUARY 19, 2025

Palo Alto Networks warns that threat actors are chaining the vulnerability CVE-2025-0111 with two other vulnerabilities, tracked as CVE-2025-0108 with CVE-2024-9474 , to compromise PAN-OS firewalls. Attackers are chaining them with the CVE-2025-0108 with CVE-2024-9474 issues. ” reads the updated bulletin published by the vendor.

Firewall 107

Firewall Authentication Architecture Internet 107

Krebs on Security

APRIL 30, 2025

prosecutors allege Tyler Robert Buchanan and co-conspirators hacked into dozens of companies in the United States and abroad, and that he personally controlled more than $26 million stolen from victims. Tyler Buchanan, being escorted by Spanish police at the airport in Palma de Mallorca in June 2024.

Identity Theft 195

Identity Theft Phishing Cryptocurrency Cybercrime 195

Security Affairs

OCTOBER 14, 2024

The three vulnerabilities exploited by the threat actor are: CVE-2024-9380 (CVSS score: 7.2) – an OS command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.2. A remote authenticated attacker with admin privileges can exploit the vulnerability to achieve remote code execution. Patch 519. .

Authentication 130

Authentication Hacking Information Security 130

Security Affairs

FEBRUARY 19, 2025

The second vulnerability, tracked CVE-2025-26466 (CVSS score: 5.9), affects both the OpenSSH client and server, allowing a pre-authentication denial-of-service attack. ” The OpenSSH client and server are vulnerable (CVE-2025-26466) to a pre-authentication denial-of-service (DoS) attack.

Authentication 124

Authentication System Administration DNS Hacking 124

Security Affairs

NOVEMBER 15, 2024

Below are the descriptions of the flaws addressed by the security firm: CVE-2024-9463 (CVSS 9.9) – A command injection vulnerability in Palo Alto Networks’ Expedition allows unauthenticated attackers to execute OS commands as root, exposing usernames, passwords, configurations, and API keys of PAN-OS firewalls.

Firewall 110

Firewall Passwords Authentication Phishing 110

Security Affairs

APRIL 17, 2025

A remote authenticated attacker can exploit the flaw to inject arbitrary commands as a ‘nobody’ user, which could potentially lead to arbitrary code execution. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, CISA ) ” reads the advisory.

Authentication 110

Authentication Hacking Cybersecurity Risk 110

Security Affairs

NOVEMBER 8, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added a Palo Alto Expedition Missing Authentication Vulnerability, tracked as CVE-2024-5910 , to its Known Exploited Vulnerabilities (KEV) catalog. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, RCE)

Firewall 118

Firewall Authentication Internet Internet 118

Security Affairs

NOVEMBER 19, 2024

CVE-2024-0012 is a vulnerability in Palo Alto Networks PAN-OS that allows unauthenticated attackers with network access to the management web interface to bypass authentication and gain administrator privileges. CISA orders federal agencies to fix this vulnerability by December 5, 2024. The issue affects PAN-OS versions 10.2,

Firewall 110

Firewall Authentication Risk Hacking 110

Security Affairs

OCTOBER 23, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added the Microsoft SharePoint Deserialization Vulnerability CVE-2024-38094 (CVSS v4 score: 7.2) “An authenticated attacker with Site Owner permissions can use the vulnerability to inject arbitrary code and execute this code in the context of SharePoint Server.”

Encryption 123

Encryption Authentication Cybersecurity Accountability 123

Security Affairs

DECEMBER 30, 2024

Cisco confirmed the authenticity of the 4GB of leaked data, the data was compromised in a recent security breach, marking the second leak in the incident. Cisco confirmed the authenticity of the 4GB of leaked data, which was compromised in a recent security breach, marking it as the second leak in the incident.

Data breaches 126

Data breaches Cybercrime Authentication Technology 126

Krebs on Security

JANUARY 7, 2025

This domain was featured in a writeup from February 2024 by the security firm Lookout , which found it was one of dozens being used by a prolific and audacious voice phishing group it dubbed “ Crypto Chameleon.” Before we get to the Apple scam in detail, we need to revisit Tony’s case. “ Annie.”

Phishing 338

Phishing Cryptocurrency Accountability Social Engineering 338

Security Affairs

OCTOBER 24, 2024

Cisco addressed multiple vulnerabilities in Adaptive Security Appliance (ASA), Secure Firewall Management Center (FMC), and Firepower Threat Defense (FTD) products, including an actively exploited flaw tracked as CVE-2024-20481. The vulnerability CVE-2024-20481 (CVSS score of 5.8) ” reads the advisory.

VPN 124

VPN Firewall Passwords Software 124

Security Affairs

NOVEMBER 26, 2024

Attackers can exploit the SSL VPN gateway by accessing the filesystem via an HTTP header flags attribute and a vulnerable URL without authentication. An attacker can browse the filesystem on the SSL VPN gateway using a flags attribute in an HTTP header without authentication. ” reads the advisory.

VPN 112

VPN Authentication Hacking Risk 112

Security Affairs

OCTOBER 21, 2024

The Internet Archive was breached again, attackers hacked its Zendesk email support platform through stolen GitLab authentication tokens. Hunt noticed that most recent timestamp on the database records is September 28th, 2024, which is likely the date of the data exfiltration.

Internet 130

Internet Internet Data breaches Authentication 130

Security Affairs

FEBRUARY 26, 2025

The two vulnerabilities are: CVE-2023-34192 Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability CVE-2024-49035 Microsoft Partner Center Improper Access Control Vulnerability The first vulnerability, CVE-2023-34192 (CVSS score: 9.0), is a cross-site scripting (XSS) issue in Synacor ZCS.

Authentication 103

Authentication Hacking Cybersecurity Risk 103

Security Affairs

NOVEMBER 3, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cryptocurrency 110

Cryptocurrency Hacking Phishing Cyber Attacks 110

Security Affairs

NOVEMBER 5, 2024

These cameras, which feature an embedded web server allowing for direct access by web browser, are reportedly deployed in environments where reliability and privacy are crucial” CVE-2024-8956 (CVSS score of 9.1) CVE-2024-8957 (CVSS score of CVSS 7.2) CISA orders federal agencies to fix this vulnerability by November 25, 2024.

Firmware 127

Firmware Manufacturing Authentication IoT 127

Security Affairs

FEBRUARY 24, 2025

A botnet of 130,000+ devices is attacking Microsoft 365 accounts via password-spraying, bypassing MFA by exploiting basic authentication. The attackers targeted accounts protected with basic authentication bypassing multi-factor authentication. The attackers used basic authentication methods. ” continues the report.

Passwords 122

Passwords Accountability Authentication Malware 122

Security Affairs

OCTOBER 23, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added the Fortinet FortiManager missing authentication vulnerability CVE-2024-47575 (CVSS v4 score: 9.8) A missing authentication flaw in FortiManager and FortiManager Cloud versions allows attackers to execute arbitrary code or commands through specially crafted requests.

Authentication 127

Authentication Malware Risk Cybersecurity 127

Security Affairs

JANUARY 8, 2025

SonicWall warns customers to address an authentication bypass vulnerability in its firewall’s SonicOS that is “susceptible to actual exploitation.” ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, SonicOS)

Firewall 116

Firewall Firmware VPN Authentication 116