Centraleyes

APRIL 18, 2024

Cisco has sounded the alarm on a widespread increase in brute-force attacks targeting various devices, including Virtual Private Network (VPN) services, web application authentication interfaces, and SSH services, since March 18, 2024. The attacks appear to originate from TOR exit nodes and other anonymizing tunnels and proxies.

VPN 52

VPN Firewall Authentication Passwords 52

Security Affairs

APRIL 28, 2024

From March 18, 2024, to April 16, 2024, Duo Security and Cisco Talos observed large-scale brute-force attacks against a variety of targets, including VPN services, web application authentication interfaces and SSH services.

VPN 117

VPN Accountability Firewall Data breaches 117

SecureList

NOVEMBER 23, 2023

As we look to 2024, we believe that the consumer threat landscape will be heavily influenced by political, cultural, and technological events and trends. Unfortunately, this ambiguity sets the stage for an anticipated increase in charity-related scams in 2024. In Canada, a similar ban on the WeChat messenger was introduced in October.

VPN 90

VPN Scams Education Internet 90

NopSec

FEBRUARY 28, 2024

February 2024 is off to a ripping start for security research. Ghost CMS Persistent XSS CVE-2024-23724 Researchers at Rhino have identified a persistent cross-site scripting (XSS) vulnerability that impacts Ghost CMS. The attack chain is pretty interesting, but does require authenticated access. include=roles” endpoint.

Authentication 59

Authentication Accountability Passwords Risk 59

Security Affairs

MARCH 8, 2024

Cisco addressed two high-severity vulnerabilities in Secure Client that could lead to code execution and unauthorized remote access VPN sessions. Cisco released security patches to address two high-severity vulnerabilities in Secure Client respectively tracked as CVE-2024-20337 and CVE-2024-20338. ” reads the advisory.

VPN 100

VPN Authentication Hacking Information Security 100

Security Affairs

APRIL 25, 2024

Early in 2024, a customer contacted Cisco to report a suspicious related to its Cisco Adaptive Security Appliances (ASA). By redirecting the pointer to the Line Dancer interpreter, attackers can interact with the device through POST requests without authentication. PSIRT and Talos launched an investigation to support the customer.

VPN 116

VPN Software Firewall Authentication 116

Security Affairs

APRIL 19, 2024

The MITRE Corporation revealed that a nation-state actor compromised its systems in January 2024 by exploiting Ivanti VPN zero-days. In April 2024, MITRE disclosed a security breach in one of its research and prototyping networks.

Cyber Attacks 118

Cyber Attacks VPN Authentication Hacking 118

Security Affairs

APRIL 24, 2024

Early in 2024, a customer contacted Cisco to report a suspicious related to its Cisco Adaptive Security Appliances (ASA). By redirecting the pointer to the Line Dancer interpreter, attackers can interact with the device through POST requests without authentication. PSIRT and Talos launched an investigation to support the customer.

Firewall 110

Firewall Government VPN Authentication 110

eSecurity Planet

APRIL 15, 2024

Threats range from severe weaknesses in Ivanti’s VPN appliances to zero-day exploits in popular software such as Palo Alto Networks’ PAN-OS and Telegram’s Windows client. Employ robust password management techniques, two-factor authentication (2FA), and regular backups of essential data.

Firewall 109

Firewall VPN Software Risk 109

eSecurity Planet

MARCH 11, 2024

March 4, 2024 JetBrains Server Issues Continue with New Vulnerabilities Type of vulnerability: Authentication bypass. The problem: Two authentication bypass vulnerabilities, CVE-2024-27198 and CVE-2024-27199 , allow unauthenticated attackers to exploit JetBrains TeamCity servers. and iPadOS 17.4. and iPadOS 17.4

Authentication 109

Authentication Software VPN Security Defenses 109

NopSec

APRIL 3, 2024

Let’s fire up your favorite shell and listen to the sound of the ocean as we learn about the most trendy CVEs for March 2024. CVE-2024-23897 Jenkins is an open-source automation platform that facilitates the building, testing, and deployment of software. The post Top Trending CVEs of March 2024 appeared first on NopSec.

VPN 45

VPN Authentication Architecture Software 45

Security Affairs

FEBRUARY 27, 2024

CVE-2023-6398 – A post-authentication command injection vulnerability in the file upload binary in some firewall and AP versions could allow an authenticated attacker with administrator privileges to execute some operating system (OS) commands on an affected device via FTP. in April 2024 Table 2. Patch 1 ZLD V4.32

Firewall 119

Firewall VPN Authentication Hacking 119

eSecurity Planet

MARCH 19, 2024

March 8, 2024 150,000 Fortinet Secure Web Gateways Remain Exposed Type of vulnerability: Arbitrary code execution (ACE). The problem: The FortiOS SSL VPN feature vulnerability, CVE-2024-21762, disclosed February 8th , remains exposed to attack on nearly 150,000 devices according to the ShadowServer Foundation website.

Authentication 119

Authentication VPN Software DDOS 119

eSecurity Planet

FEBRUARY 12, 2024

February 5, 2024 JetBrains TeamCity Saga Continues with Another Server Vulnerability Type of vulnerability: Authentication bypass by an unauthenticated attacker. The vulnerability is tracked as CVE-2024-23917. Both vulnerabilities affected authenticated users of Apache Oozie and Apache Ambari. through 2023.11.2.

VPN 109

VPN Authentication Software Firewall 109

Malwarebytes

JANUARY 11, 2024

Successful exploitation would give an attacker the ability to run arbitrary code on Ivanti’s Virtual Private Network (VPN) system. Ivanti Connect Secure is a widely used VPN solution that allows users to connect to their organization’s network. CVE-2024-21887 (CVSS score 9.1 CVE-2024-21887 (CVSS score 9.1

VPN 105

VPN Authentication Software Risk 105

Security Affairs

JANUARY 13, 2024

Akira ransomware targets Finnish organizations GitLab fixed a critical zero-click account hijacking flaw Juniper Networks fixed a critical RCE bug in its firewalls and switches Vast Voter Data Leaks Cast Shadow Over Indonesia ’s 2024 Presidential Election Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467 Team Liquid’s wiki leak exposes (..)

VPN 114

VPN Cybercrime Ransomware Hacking 114

Security Affairs

JANUARY 11, 2024

Software firm Ivanti reported that threat actors are exploiting two zero-day vulnerabilities (CVE-2023-46805, CVE-2024-21887) in Connect Secure (ICS) and Policy Secure to remotely execute arbitrary commands on targeted gateways. is an Authentication Bypass issue that resides in the web component of Ivanti ICS 9.x, 20240107.1.xml

Authentication 110

Authentication VPN Mobile Hacking 110

Security Affairs

MARCH 1, 2024

The advisory provides details about the exploitation in the wild of Connect Secure and Policy Secure vulnerabilities CVE-2023-46805 , CVE-2024-21887 , and CVE-2024-21893. Multiple threat actors are chaining these issues to bypass authentication, craft malicious requests, and execute arbitrary commands with elevated privileges.

Authentication 83

Authentication Cyber threats VPN Government 83

Security Affairs

JANUARY 18, 2024

CVE-2024-0519 – Google Chromium V8 Out-of-Bounds Memory Access Vulnerability. Citrix NetScaler ADC and NetScaler Gateway contain a code injection vulnerability that allows for authenticated remote code execution on the management interface with access to NSIP, CLIP, or SNIP. The flaw was reported by Anonymous on January 11, 2024.

Authentication 121

Authentication VPN Software Engineering 121

Security Affairs

MAY 1, 2024

A new malware named Cuttlefish targets enterprise-grade and small office/home office (SOHO) routers to harvest public cloud authentication data. The malware creates a proxy or VPN tunnel on the compromised router to exfiltrate data, and then uses stolen credentials to access targeted resources.

Malware 106

Malware DNS Authentication Telecommunications 106

eSecurity Planet

JANUARY 22, 2024

January 16, 2024 Open-Source UEFI Implementation Sees 9 Vulnerabilities Type of vulnerability: Weaknesses in the network boot process of UEFI’s network implementation. The vulnerability also exists on GitHub Enterprise Server, but it can only be exploited by an authenticated user with an organization owner role.

Authentication 113

Authentication Malware VPN Mobile 113

Malwarebytes

JANUARY 19, 2024

The Citrix NetScaler vulnerabilities need to be patched by January 24, 2024. Customers using Citrix-managed cloud services or Citrix-managed Adaptive Authentication are not impacted. VPN, ICA Proxy, CVPN, RDP Proxy) or as a AAA virtual server. These issues only apply to customer-managed NetScaler ADC and NetScaler Gateway.

Authentication 108

Authentication VPN Internet Internet 108

eSecurity Planet

JANUARY 16, 2024

January 10, 2024 Thousands of WordPress Sites Vulnerable to Malware Injection Type of vulnerability: Cross-site scripting flaw in Popup Builder that allows a malware injection. This vulnerability is tracked as CVE-2024-21591. Potential results of the exploits include authentication bypass and command injection. Versions 9.x

Firewall 109

Firewall Firmware IoT Authentication 109

Security Affairs

JANUARY 24, 2024

In January 2024, the Finish National Cybersecurity Center (NCSC-FI) reported an increase in Akira ransomware attacks, targeting organizations in the country. The ransomware attack reported in late 2023, targeted organizations’ networks using poorly secured VPN gateway on Cisco ASA or FTD devices. ” concludes the update.

Ransomware 115

Ransomware VPN Government Retail 115

Duo's Security Blog

MARCH 30, 2023

Effective March 30, 2024, Duo will no longer support the traditional Duo Prompt. A few specific reasons to move to the Duo Universal Prompt The Universal Prompt is Duo's latest authentication interface that enables easier, and more secure authentication for users. Long story short, it’s streamlined and removes clutter.

Authentication 54

Authentication Software Risk VPN 54

eSecurity Planet

JANUARY 29, 2024

Each user also has access to a free VPN to use when connecting to public Wi-Fi, and an Identity Dashboard that scans the dark web for potential fraud. This software uses patented security architecture with 256-bit encryption, plus built-in two factor authentication. You can unsubscribe at any time.

Password Management 109

Password Management Passwords Authentication Accountability 109

NopSec

MAY 1, 2024

Let’s drop to a command line, clone some Git repos and demystify the trending CVEs of April 2024. Palo Alto PanOS RCE CVE-2024-3400 It feels like the first quarter of 2024 has been defined by a string of SSL VPN command execution vulnerabilities and Palo Alto has jumped on the wagon. h3, < 11.1.1-h1,

Firewall 52

Firewall VPN Software Risk 52

Security Boulevard

FEBRUARY 2, 2024

Introduction Ivanti, an IT management and security company, has issued a warning about multiple zero-day vulnerabilities in its VPN products exploited by Chinese state-backed hackers since December 2023. and CVE-2024-21887(a command-injection vulnerability found into multiple web components with a CVSS score of 9.1)

VPN 62

VPN Risk Architecture Firewall 62

The Last Watchdog

MAY 14, 2021

Early SD-WAN solutions “were built only to replace an MPLS-VPN with an Internet-based VPN,” Ahuja says. All of these tools became extremely necessary to ensure that you could authenticate the user before allowing them access to the right resources in the network,” Ahuja says. Those estimates may yet turn out to be conservative.

Firewall 138

Firewall Mobile VPN Digital transformation 138

NopSec

JANUARY 31, 2024

We open up 2024 with an interesting mix of vulnerabilities, some of which have been patched for nearly a year. We save the best for last and take a look at a serious duo of vulnerabilities that impact Invanit (Pulse Secure) SSL VPNs. Roll up your sleeves and drop into a command line as we cover the trending CVEs of January 2024.

VPN 59

VPN Government Risk Hacking 59

eSecurity Planet

APRIL 17, 2023

Security Qualifications OPSWAT MetaAccess has earned certification for ISO 27001:2013 and is available on the US government GSA Multiple Award Schedule through 2024. Applicable Metric Each MetaAccess appliance scales up to 25,000 concurrent endpoints and can be assembled into appliance clusters for larger environments.

IoT 98

IoT Wireless Malware Authentication 98

Security Affairs

FEBRUARY 4, 2024

Ransomware Revenue Down As More Victims Refuse to Pay Energy giant Schneider Electric hit by Cactus ransomware attack Hundreds Of Network Operators’ Credentials Found Circulating In Dark Web Fla.

Identity Theft 110

Identity Theft VPN Malware Ransomware 110

LRQA Nettitude Labs

MARCH 27, 2024

Direct access to the corporate network through a Virtual Private Network (VPN) or graphical access to a Virtual Desktop Infrastructure (VDI) host is unusual, meaning that in order to interact with internal corporate websites, operators must tunnel traffic from their systems to the internal network, through the in-memory implant.

Authentication 96

Authentication Passwords VPN Accountability 96

Security Affairs

APRIL 12, 2019

At least four VPN apps sold or made available to enterprise customers share security flaws, warns the Carnegie Mellon University CERT Coordination Center (CERT/CC). Virtual private networks (VPNs) are affordable, easy to use, and a vital component in your system. What if these VPNs are vulnerable to attackers? 8.3R6, and 9.0R2.

VPN 92

VPN Marketing Authentication Small Business 92

eSecurity Planet

MAY 2, 2024

Most organizations express confidence in their current status and budgets, but also expect to experience at least one data breach in 2024. Multi-factor authentication : Protects stolen credentials against use by requiring more than a simple username and password combination for access to resources. globally, +19.8%

Cybersecurity 70

Cybersecurity DDOS Penetration Testing Passwords 70

Security Boulevard

JANUARY 2, 2024

Let's delve into the rewind of 2023, exploring five influential trends and threats that molded the cyberthreat landscape and are poised to resonate throughout enterprises in 2024. In fact, 2023 saw an increase in VPN vulnerabilities and, accordingly, nearly 1 in 2 organizations reported that they experienced VPN-related attacks.

CISO 103

CISO Social Engineering Architecture Ransomware 103

eSecurity Planet

MAY 25, 2022

By 1999, its successor – the Transport Layer Security (TLS) protocol – offered a more robust cryptographic protocol across technical components like cipher suites, record protocol, message authentication , and handshake process. HTTP over SSL or HTTP over TLS, dubbed HTTPS, wasn’t immediately adopted by the masses. Uses of Encryption.

Encryption 138

Encryption Computers and Electronics Password Management Passwords 138