Accountability, Authentication, Blog and Information Security

Google Authenticator App now supports Google Account synchronization

Security Affairs

APRIL 25, 2023

Google announced that its Authenticator app for Android and iOS now supports Google Account synchronization. Google announced that its Google Authenticator app for both iOS and Android now supports Google Account synchronization that allows to safely backup users one-time codes to their Google Account.

Authentication

Authentication Accountability Backups Education

EvilProxy used in massive cloud account takeover scheme

Security Affairs

AUGUST 9, 2023

Cloud account takeover scheme utilizing EvilProxy hit over 100 top-level executives of global organizations EvilProxy was observed sending 120,000 phishing emails to over a hundred organizations to steal Microsoft 365 accounts. Proofpoint noticed a worrisome surge of successful cloud account compromises in the past five months.

Accountability

Accountability Phishing Authentication Architecture

Hackers Stole Access Tokens from Okta’s Support Unit

Krebs on Security

OCTOBER 20, 2023

Okta , a company that provides identity tools like multi-factor authentication and single sign-on to thousands of businesses, has suffered a security breach involving a compromise of its customer support unit, KrebsOnSecurity has learned. He said that on Oct 2., 2 was not a result of a breach in its systems. But she said that by Oct.

Social Engineering

Social Engineering Engineering Accountability Hacking

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

A “By-Design” flaw in Microsoft Azure can allow storage accounts takeover

Security Affairs

APRIL 11, 2023

A flaw in Microsoft Azure could be exploited by attackers to gain access to storage accounts, perform lateral movements, and even execute remote code. Researchers from the security firm Orca demonstrated how to abuse Microsoft Azure Shared Key authorization to gain full access to storage accounts and potentially critical business assets.

Accountability

Accountability Education Media Authentication

Privileged account management challenges: comparing PIM, PUM and PAM

CyberSecurity Insiders

NOVEMBER 18, 2021

This blog was written by an independent guest blogger. He is also looking for opportunities to collect additional access parameters (usernames and passwords), elevate privileges, or use already existing compromised accounts for unauthorized access to systems, applications, and data. Most cyberattacks originate outside the organization.

Accountability

Accountability Passwords Authentication Social Engineering

Another SolarWinds lesson: Hackers are targeting Microsoft authentication servers

SC Magazine

APRIL 27, 2021

Mandiant Tuesday posted a blog detailing a new attack strategy against Microsoft’s Active Directory Federation Services (AD FS). But the same campaign relied on takeovers of AD FS servers to overtake Microsoft 365 accounts for espionage purposes. Photo by Drew Angerer/Getty Images).

Authentication

Authentication Accountability Media Government

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Here are the top Twitter accounts to follow for the latest commentary, research, and much-needed humor in the ever-evolving information security space. Krebs wrote for The Washington Post between 1995 and 2009 before launching his current blog KrebsOnSecurity.com. Read more: Top IT Asset Management Tools for Security.

Accountability

Accountability Cybersecurity Penetration Testing InfoSec

Microsoft fixed Azure AD bug that led to Bing.com results manipulation and account takeover

Security Affairs

APRIL 3, 2023

’ The shared responsibility model allows application owners to add an authentication function by simply clicking a button. ” The experts discovered that other apps were impacted by the misconfiguration issue, including Mag News, Central Notification Service (CNS), Contact Center, PoliCheck, Power Automate Blog, and COSMOS.

Accountability

Accountability Education Media Authentication

Many Public Salesforce Sites are Leaking Private Data

Krebs on Security

APRIL 27, 2023

Customers can access a Salesforce Community website in two ways: Authenticated access (requiring login), and guest user access (no login required). This misconfigured Salesforce Community site from the state of Vermont was leaking pandemic assistance loan application data, including names, SSNs, email address and bank account information.

Banking

Banking Government Information Security Authentication

Actionable WebAuthn You Can (and Should) Implement Today

Duo's Security Blog

JANUARY 23, 2024

Throughout 2023, we’ve heard about many high-profile security incidents targeting a wide range of publicly listed companies. Additionally, Chief Information Security Officers (CISOs) have also been under scrutiny for the actions they’ve taken to address these issues. Can your organization exclusively support WebAuthn?

Authentication

Authentication Accountability CISO Technology

How to Evaluate the True Costs of Multi-Factor Authentication

Duo's Security Blog

JANUARY 27, 2022

Not all multi-factor authentication (MFA) solutions are equal. For a two-factor authentication solution, that may include hidden costs, such as upfront, capital, licensing, support, maintenance, and operating costs. Estimate and plan for how much it will cost to deploy multi-factor authentication to all of your apps and users.

Authentication

Authentication Software Mobile Passwords

Slickwraps discloses data leak that impacted 850,000 user accounts

Security Affairs

FEBRUARY 24, 2020

Slickwraps has disclosed a data breach that impacted over 850,000 user accounts, data were accidentally exposed due to security vulnerabilities. A cyber security expert that goes online with the moniker of Lynx0x00 published a blog post detailing his failed attempts of reporting the vulnerability on Slickwraps’ servers to the company.

Accountability

Accountability Data breaches Passwords Advertising

Fortinet fixed a critical vulnerability in its Data Analytics product

Security Affairs

APRIL 13, 2023

Successful exploitation can lead to remote, unauthenticated access to Redis and MongoDB instances via crafted authentication requests. ” reads the advisory published by the vendor.

Authentication

Authentication Education Media Hacking

Zyxel fixed a critical RCE flaw in its firewall devices and urges customers to install the patches

Security Affairs

APRIL 28, 2023

The company also fixed a high-severity post-authentication command injection issue ( CVE-2023-27991 , CVSS score: 8.8) The vulnerability can be exploited by a remote, authenticated attacker to execute some OS commands. ” reads the advisory published by the vendor. affecting some specific firewall versions. through 5.35.

Firewall

Firewall Firmware VPN Authentication

ALPHV/BlackCat ransomware affiliate targets Veritas Backup solution bugs

Security Affairs

APRIL 4, 2023

Below is the list of flaws exploited by the ransomware gang’s affiliate: CVE-2021-27876 : The communication between a client and an Agent requires successful authentication, which is typically completed over a secure TLS communication. It supports multiple authentication schemes: SHA authentication is one of these.

Backups

Backups Ransomware Authentication Penetration Testing

5 API Vulnerabilities That Get Exploited by Criminals

Security Affairs

NOVEMBER 22, 2022

It’s no secret that cyber security has become a leading priority for most organizations — especially those in industries that handle sensitive customer information. And as these businesses work towards building robust security strategies, it’s vital that they account for various threat vectors and vulnerabilities.

Authentication

Authentication B2B Accountability Digital transformation

Cisco fixed critical flaws in the Industrial Network Director and Modeling Labs solutions

Security Affairs

APRIL 21, 2023

“A vulnerability in the web UI of Cisco IND could allow an authenticated, remote attacker to execute arbitrary commands with administrative privileges on the underlying operating system of an affected device.” ” reads the advisory. “This vulnerability is due to improper input validation when uploading a Device Pack.

Authentication

Authentication Education Media Hacking

Fortinet warns of a spike in attacks against TBK DVR devices

Security Affairs

MAY 2, 2023

FortiGuard Labs researchers observed a worrisome level of attacks attempting to exploit an authentication bypass vulnerability in TBK DVR devices. Threat actors are attempting to exploit a five-year-old authentication bypass issue, tracked as CVE-2018-9995 (CVSS score of 9.8), in TBK DVR devices.

Authentication

Authentication Retail Surveillance Education

China-linked threat actors have breached telcos and network service providers

Security Affairs

JUNE 8, 2022

“Upon gaining an initial foothold into a telecommunications organization or network service provider, PRC state-sponsored cyber actors have identified critical users and infrastructure including systems critical to maintaining the security of authentication, authorization, and accounting. To nominate, please visit:?.

Telecommunications

Telecommunications Authentication Passwords Accountability

Hackers are actively exploiting a flaw in the Elementor Pro WordPress plugin

Security Affairs

MARCH 31, 2023

and all versions before it, allowing authenticated users, like shop customers or site members, to change the site’s settings and can potentially lead to a complete site takeover. The expert reported that the issue impacts Elementor Pro when it is installed on a site that has WooCommerce activated. The issue impacts version v3.11.6

Authentication

Authentication Education Accountability Media

Hackers stole over $250,000 in Ethereum from Bored Ape Yacht Club

Security Affairs

JUNE 5, 2022

“CertiK analysis reveals that this community manager, account –@BorisVagner (“BorisVagner | SBS” on Discord)– posted a message to BAYC’s Discord server with a phishing link that led to the fake site. This then granted the scam the appearance of authenticity and made it easier to dupe the NFT holders.”

Phishing

Phishing Hacking Accountability Scams

SAP April 2023 security updates fix critical vulnerabilities

Security Affairs

APRIL 12, 2023

SAP April 2023 security updates include a total of 24 notes, 19 of which are new vulnerabilities. SAP fixed two critical bugs that affect the Diagnostics Agent and the BusinessObjects Business Intelligence Platform.

Education

Education Media Authentication Passwords

Experts released PoC Exploit code for actively exploited PaperCut flaw

Security Affairs

APRIL 24, 2023

PaperCut MF/NG contains an improper access control vulnerability within the SetupCompleted class that allows authentication bypass and code execution in the context of system. The PoC code allows attackers to bypass authentication and execute code on vulnerable PaperCut servers. The issue results from improper access control.

Authentication

Authentication Software Education Malware

Five Eyes agencies warn of attacks on MSPs

Security Affairs

MAY 12, 2022

. “The CSA—created in response to reports of increased activity against MSPs and their customers—provides specific guidance for both MSPs and customers aimed at enabling transparent discussions on securing sensitive data.” Enforce multifactor authentication (MFA). Deprecate obsolete accounts and infrastructure.

Authentication

Authentication Accountability Architecture Backups

Microsoft Azure flaws could allow accessing PostgreSQL DBs of other customers

Security Affairs

APRIL 30, 2022

Researchers discovered flaws in the Azure Database for PostgreSQL Flexible Server that could result in unauthorized cross-account database access in a region. Microsoft addressed a couple of vulnerabilities impacting the Azure Database for PostgreSQL Flexible Server that could result in unauthorized cross-account database access in a region.

Authentication

Authentication Accountability Hacking Cybersecurity

Nexx bugs allow to open garage doors, and take control of alarms and plugs

Security Affairs

APRIL 5, 2023

.” The researchers reported the issues to the United States Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA), which assigned the following five CVEs: Use of Hard-coded Credentials CWE-798 ( CVE-2023–1748 , CVSS3.0: Improper Authentication Validation CWE-287 ( CVE-2023–1752 , CVSS3.0:

Manufacturing

Manufacturing Media Firewall Education

Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition

Security Affairs

APRIL 30, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter ) The post Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition appeared first on Security Affairs.

Cybercrime

Cybercrime Malware Hacking Accountability

CISA adds MinIO, PaperCut, and Chrome bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 22, 2023

PaperCut MF/NG contains an improper access control vulnerability within the SetupCompleted class that allows authentication bypass and code execution in the context of system. CVE-2023-27350 (CVSS score – 9.8) – PaperCut MF/NG Improper Access Control Vulnerability.

Education

Education Media Authentication Cybersecurity

‘Land Lordz’ Service Powers Airbnb Scams

Krebs on Security

APRIL 14, 2019

The ne’er-do-well who set up the account below has been paying $550 a month for a Land Lordz “basic plan” subscription at landlordz[.]site The site looks exactly like the real Airbnb, includes pictures of the requested property, and steers visitors toward signing in or to creating a new account. co.uk , airbnb.pt-anuncio[.]com

Scams

Scams Advertising Accountability Phishing

Removing Passwords, Without Compromising Security

Duo's Security Blog

JANUARY 26, 2024

In today’s complex IT landscape, one of the biggest problems faced by a Chief Information Security Officer (CISO) and their IT security team are forgotten and stolen passwords. Pre-Requisites Passwordless uses passkeys and platform authenticators as one of the many ways to secure application access without passwords.

Passwords

Passwords Authentication Mobile CISO

LinkedIn Rolls Out New Features to Boost Security

SecureWorld News

OCTOBER 28, 2022

LinkedIn has announced a new set of security features that will help verify user identity, remove fraudulent accounts, and boost authenticity, according to an official blog post from the company. It says this model will help remove fake accounts before they have a chance to connect with legitimate users.

CISO

CISO Accountability Scams Media

Cisco EoL SPA112 2-Port Phone Adapters are affected by critical RCE

Security Affairs

MAY 4, 2023

In order to exploit the flaw, an attacker has to upgrade an affected device to a crafted version of the firmware. “This vulnerability is due to a missing authentication process within the firmware upgrade function.” ” reads the advisory published by Cisco.

Firmware

Firmware Education Media Authentication

Withholding Single Sign-On from SaaS Customers is Bad for Business and Security

Lenny Zeltser

MAY 25, 2023

Moreover, they base a pricing strategy on a weak signal and miss an opportunity to lower their own security risk. SaaS pricing strategies strive to account for the value the product offers. Cannot mitigate account abuse or takeover attacks. Charging for SSO is an understandable but misguided idea.

Marketing

Marketing Authentication Risk Accountability

STYX Marketplace emerged in Dark Web focused on Financial Fraud

Security Affairs

APRIL 5, 2023

The discovery of STYX coincides with Resecurity financial crime risk analysts observing a significant increase in threat actors offering money-laundering services that exploit digital banking and cryptocurrency accounts. Resecurity’s investigation of STYX also yielded the discovery of 100 mules accounts.

Banking

Banking Cybercrime Accountability Risk

CISA adds Veritas Backup Exec flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 8, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, CISA) The post CISA adds Veritas Backup Exec flaws to its Known Exploited Vulnerabilities catalog appeared first on Security Affairs.

Backups

Backups Spyware Ransomware Education

Experts temporarily disrupted the RedLine Stealer operations

Security Affairs

APRIL 18, 2023

The removal of these repositories should break authentication for panels currently in use. The operators behind the RedLine will be forced to set up new panels to recover their operations. No fallback channels were observed.

Malware

Malware Education Media Authentication

Russia-linked Sandworm APT uses WinRAR in destructive attacks on Ukraine’s public sector

Security Affairs

MAY 4, 2023

” CERT-UA urges Ukrainian critical organizations using multi-factor authentication for VPN accounts, network segmentation and filtering of incoming, outgoing and inter-segment information flows. The CERT also provided Indicators of Compromise (IoCs) for these attacks.

VPN

VPN Education Accountability Cyber Attacks

Cloudflare breached on Thanksgiving Day, but the attack was promptly contained

Security Affairs

FEBRUARY 2, 2024

” reads the blog post published by the company. The investigation revealed that the attackers used one access token and three service account credentials that were obtained in Okta compromise of October 2023. Cloudflare admitted having failed to rotate these authentication elements.

Authentication

Authentication Hacking Accountability Information Security

Experts disclosed two critical flaws in Alibaba cloud database services

Security Affairs

APRIL 20, 2023

Once gained access to the K8s API server, the researchers used the node’s kubelet credentials to examine various cluster resources, including secrets, service accounts, and pods. When examining the pod list, we found pods belonging to other tenants in the same cluster. .

Accountability

Accountability Education Media Authentication

Volvo retailer leaks sensitive files

Security Affairs

APRIL 15, 2023

Volvo’s retailer exposed its database’s authentication information, including MySQL and Redis database hosts, open ports and credentials. The exposure of this key is particularly dangerous because it could have been used to decrypt user cookies, which often hold sensitive information such as credentials or session IDs.

Retail

Retail Manufacturing Passwords Phishing

How MFA and Cyber Liability Insurance Effectively Manage Risk in Higher Education

Duo's Security Blog

OCTOBER 18, 2021

These groups are having lots of discussion around the fact that many campuses are required to use multi-factor authentication (MFA) for their cyber liability insurance. In a recent Duo blog post, we gave an overview of cyber liability insurance. As part of National Cybersecurity Awareness Month and “Do Your Part.

Insurance

Insurance Education Risk Cyber Insurance

Experts warn of mass exploitation of Ivanti Connect Secure VPN flaws

Security Affairs

JANUARY 16, 2024

Last week, software firm Ivanti reported that threat actors are exploiting two zero-day vulnerabilities (CVE-2023-46805, CVE-2024-21887) in Connect Secure (ICS) and Policy Secure to remotely execute arbitrary commands on targeted gateways. is an Authentication Bypass issue that resides in the web component of Ivanti ICS 9.x,

VPN

VPN Authentication Small Business Telecommunications

Phishers migrate to Telegram

Security Affairs

APRIL 6, 2023

Data includes verified online banking credentials, in some cases phishers also provides info on the account balances. “For example, the same Telegram channel offered the credentials for a bank account with $1,400 in it for $110, whereas access to an account with a balance of $49,000 was put up for $700.”

Phishing

Phishing Scams Social Engineering Banking

Hackers can hack organizations using data found on their discarded enterprise network equipment

Security Affairs

APRIL 24, 2023

“With this level of detail, impersonating network or internal hosts would be far simpler for an attacker, especially since the devices often contain VPN credentials or other easily cracked authentication tokens.” ” concludes the report.

Hacking

Hacking VPN Marketing Authentication

Google Authenticator App now supports Google Account synchronization

EvilProxy used in massive cloud account takeover scheme

Webinars

Trending Sources

Hackers Stole Access Tokens from Okta’s Support Unit

Webinars

A “By-Design” flaw in Microsoft Azure can allow storage accounts takeover

Privileged account management challenges: comparing PIM, PUM and PAM

Another SolarWinds lesson: Hackers are targeting Microsoft authentication servers

Top Cybersecurity Accounts to Follow on Twitter

Microsoft fixed Azure AD bug that led to Bing.com results manipulation and account takeover

Many Public Salesforce Sites are Leaking Private Data

Actionable WebAuthn You Can (and Should) Implement Today

How to Evaluate the True Costs of Multi-Factor Authentication

Slickwraps discloses data leak that impacted 850,000 user accounts

Fortinet fixed a critical vulnerability in its Data Analytics product

Zyxel fixed a critical RCE flaw in its firewall devices and urges customers to install the patches

ALPHV/BlackCat ransomware affiliate targets Veritas Backup solution bugs

5 API Vulnerabilities That Get Exploited by Criminals

Cisco fixed critical flaws in the Industrial Network Director and Modeling Labs solutions

Fortinet warns of a spike in attacks against TBK DVR devices

China-linked threat actors have breached telcos and network service providers

Hackers are actively exploiting a flaw in the Elementor Pro WordPress plugin

Hackers stole over $250,000 in Ethereum from Bored Ape Yacht Club

SAP April 2023 security updates fix critical vulnerabilities

Experts released PoC Exploit code for actively exploited PaperCut flaw

Five Eyes agencies warn of attacks on MSPs

Microsoft Azure flaws could allow accessing PostgreSQL DBs of other customers

Nexx bugs allow to open garage doors, and take control of alarms and plugs

Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition

CISA adds MinIO, PaperCut, and Chrome bugs to its Known Exploited Vulnerabilities catalog

‘Land Lordz’ Service Powers Airbnb Scams

Removing Passwords, Without Compromising Security

LinkedIn Rolls Out New Features to Boost Security

Cisco EoL SPA112 2-Port Phone Adapters are affected by critical RCE

Withholding Single Sign-On from SaaS Customers is Bad for Business and Security

STYX Marketplace emerged in Dark Web focused on Financial Fraud

CISA adds Veritas Backup Exec flaws to its Known Exploited Vulnerabilities catalog

Experts temporarily disrupted the RedLine Stealer operations

Russia-linked Sandworm APT uses WinRAR in destructive attacks on Ukraine’s public sector

Cloudflare breached on Thanksgiving Day, but the attack was promptly contained

Experts disclosed two critical flaws in Alibaba cloud database services

Volvo retailer leaks sensitive files

How MFA and Cyber Liability Insurance Effectively Manage Risk in Higher Education

Experts warn of mass exploitation of Ivanti Connect Secure VPN flaws

Phishers migrate to Telegram

Hackers can hack organizations using data found on their discarded enterprise network equipment

Stay Connected