Article, Authentication and System Administration

Article

Authentication

System Administration

Critical flaw in ManageEngine Desktop Central MSP tool exploited in the wild

CSO Magazine

DECEMBER 7, 2021

Hackers are exploiting a critical authentication bypass vulnerability in ManageEngine Desktop Central MSP, an endpoint management tool used by managed service providers (MSPs). To read this article in full, please click here ManageEngine is a division of business software developer Zoho that's focused on IT management software.

System Administration

System Administration Authentication Software

Latest on the SVR’s SolarWinds Hack

Schneier on Security

JANUARY 5, 2021

The New York Times has an in-depth article on the latest information about the SolarWinds hack (not a great name, since it’s much more far-reaching than that). Interviews with key players investigating what intelligence agencies believe to be an operation by Russia’s S.V.R.

Hacking

Hacking System Administration Software Surveillance

Join 29,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Trending Sources

A journey into forgotten Null Session and MS-RPC interfaces

SecureList

MAY 23, 2024

Today, although null sessions still exist and are enabled by default on domain controllers (most likely for compatibility purposes), most system administrators close this capability by hardening the security policies and monitoring domain controller activities, including anonymous access through SMB.

Authentication

Authentication System Administration Cybersecurity

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Microsoft provides more mitigation instructions for the PetitPotam attack

Malwarebytes

JULY 29, 2021

In a revision of KnowledgeBase article KB5005413 , Microsoft has provided more elaborate mitigation instructions for the PetitPotam attacks that were disclosed a week ago. The attack could force remote Windows systems to reveal password hashes that could then be easily cracked. PetitPotam. Pass the hash. The hash is enough.

Authentication

Authentication Passwords Encryption System Administration

ETWHash – “He who listens, shall receive”

LRQA Nettitude Labs

MAY 3, 2023

These messages can be captured and analysed by security professionals or system administrators for various purposes, including debugging and performance analysis. However, as demonstrated in this short article, ETW can also be a great resource for offense, finding providers useful for passive situational awareness.

Authentication

Authentication System Administration Technology

Top 10 web application vulnerabilities in 2021–2023

SecureList

MARCH 12, 2024

Broken Authentication 5. Broken Authentication 5. Mitigation: implement authentication and authorization controls according to the role-based access model. An XSS attack against the application’s clients can be used for obtaining user authentication information, such as cookies, phishing or spreading malware.

Passwords

Passwords Authentication Architecture Risk

Take action! Multiple Pulse Secure VPN vulnerabilities exploited in the wild

Malwarebytes

APRIL 21, 2021

Cybersecurity sleuths Mandiant report that they are tracking “12 malware families associated with the exploitation of Pulse Secure VPN devices” operated by groups using a set of related techniques to bypass both single and multi-factor authentication. According to some articles the threat-actors are linked to China.

VPN

VPN Authentication Malware System Administration

Make It Your Own: Brand Customization With Our Universal Prompt

Duo's Security Blog

NOVEMBER 16, 2020

The project touches many aspects of Duo, but focuses on drastically improving Duo’s web-based authentication interface. A consistent request we’ve heard from customers is, ‘we want more flexibility around customizing the authentication prompt. The interface, or prompt, is a core component in delivering our secure access solution.

Authentication

Authentication System Administration Mobile Phishing

Privileged account management challenges: comparing PIM, PUM and PAM

CyberSecurity Insiders

NOVEMBER 18, 2021

Numerous articles, vulnerability reports, and analytical materials prove this fact. This can be carried out directly or using a shadow payload or using a phishing attack aimed at compromising the user's system. The concept of PIM, in contrast to PAM, is aimed at managing existing accounts: administrator, root, etc.

Accountability

Accountability Passwords Authentication Social Engineering

Addressing Remote Desktop Attacks and Security

eSecurity Planet

MARCH 25, 2022

This article looks at the remote desktop protocol, how RDP attacks work, best practices for defense, the prevalence of RDP attacks today, and how remote desktop software vendors are securing their clients. A few days later, IT systems started malfunctioning with ransom messages following. Reconnaissance.

VPN

VPN Software Authentication Encryption

Top 12 Cloud Security Best Practices for 2021

eSecurity Planet

SEPTEMBER 10, 2021

What authentication methods does the provider support? Additionally, multi-factor authentication (MFA) can further reduce the risk of malicious actors gaining access to sensitive information, even if they manage to steal usernames and passwords. This article was originally published on May 24, 2017. Enable security logs.

Penetration Testing

Penetration Testing Encryption Risk Technology

Anatomy Of A Phishing Kit

SiteLock

APRIL 7, 2022

In this article, we look at a few phishing kits that were recently found in customer sites and compare their structure and complexity. This article is going to explore two different phishing kits that we have found and highlight the ways in which they can be detected and avoided. What Is A Phishing Kit? Phishing Kit – Citi Group.

Phishing

Phishing Engineering System Administration Malware

macOS 11’s hidden security improvements

Malwarebytes

AUGUST 18, 2021

In this article, I describe poorly-documented, or completely undocumented, features that could stop working as advertised or disappear completely without notice in future releases of macOS. Signed System Volume (SSV) cryptographically sealed the boot volume and made it tamper-evident. Again, see support article HT210108.

Firmware

Firmware Architecture Risk Engineering

Facebook May Have Gotten Hacked, and Maybe It’s Better We Don’t Know

Adam Levin

APRIL 8, 2019

Facebook’s Two-Factor Authentication phone numbers exposed: After prompting users to provide phone numbers to secure their accounts, Facebook allows anyone to look up their account by using them. Denying anything happened gives system administrators more time to identify and patch newly discovered vulnerabilities.

Hacking

Hacking Data privacy Artificial Intelligence System Administration

Establish security boundaries in your on-prem AD and Azure environment

Security Boulevard

JUNE 20, 2022

They recommend tiered administration with dedicated admin accounts. Admins should use a hardened Privileged Access Workstation (PAW) when performing administrative tasks, and the admin session must require Multi-Factor Authentication (MFA) and Just-In-Time (JIT) restrictions. Sometimes we cannot use deny rules, though.

Accountability

Accountability Risk Authentication Passwords

Cyber Security Informer

Critical flaw in ManageEngine Desktop Central MSP tool exploited in the wild

Latest on the SVR’s SolarWinds Hack

Webinars

Trending Sources

A journey into forgotten Null Session and MS-RPC interfaces

Webinars

Microsoft provides more mitigation instructions for the PetitPotam attack

ETWHash – “He who listens, shall receive”

Top 10 web application vulnerabilities in 2021–2023

Take action! Multiple Pulse Secure VPN vulnerabilities exploited in the wild

Make It Your Own: Brand Customization With Our Universal Prompt

Privileged account management challenges: comparing PIM, PUM and PAM

Addressing Remote Desktop Attacks and Security

Top 12 Cloud Security Best Practices for 2021

Anatomy Of A Phishing Kit

macOS 11’s hidden security improvements

Facebook May Have Gotten Hacked, and Maybe It’s Better We Don’t Know

Establish security boundaries in your on-prem AD and Azure environment

Stay Connected