Authentication, Blog, Education and Information Security

How MFA and Cyber Liability Insurance Effectively Manage Risk in Higher Education

Duo's Security Blog

OCTOBER 18, 2021

One area where campuses have been collaborating recently are changes around cyber liability insurance for higher education, an opportunity for campus cybersecurity teams to combine forces with their risk management team. In a recent Duo blog post, we gave an overview of cyber liability insurance. Higher education campuses in the U.S.

Insurance

Insurance Education Risk Cyber Insurance

Fortinet fixed a critical vulnerability in its Data Analytics product

Security Affairs

APRIL 13, 2023

Successful exploitation can lead to remote, unauthenticated access to Redis and MongoDB instances via crafted authentication requests. ” reads the advisory published by the vendor.

Authentication

Authentication Education Media Hacking

Zyxel fixed a critical RCE flaw in its firewall devices and urges customers to install the patches

Security Affairs

APRIL 28, 2023

The company also fixed a high-severity post-authentication command injection issue ( CVE-2023-27991 , CVSS score: 8.8) The vulnerability can be exploited by a remote, authenticated attacker to execute some OS commands. ” reads the advisory published by the vendor. affecting some specific firewall versions. through 5.35.

Firewall

Firewall Firmware VPN Authentication

ALPHV/BlackCat ransomware affiliate targets Veritas Backup solution bugs

Security Affairs

APRIL 4, 2023

Below is the list of flaws exploited by the ransomware gang’s affiliate: CVE-2021-27876 : The communication between a client and an Agent requires successful authentication, which is typically completed over a secure TLS communication. It supports multiple authentication schemes: SHA authentication is one of these.

Backups

Backups Ransomware Authentication Penetration Testing

Experts released PoC exploit code for critical VMware CVE-2022-22972 flaw

Security Affairs

MAY 26, 2022

Security researchers released PoC exploit code for the critical authentication bypass vulnerability CVE-2022-22972 affecting multiple VMware products. VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users.” using CVE-2022-22972.

Authentication

Authentication Healthcare Education Cybersecurity

Cisco fixed critical flaws in the Industrial Network Director and Modeling Labs solutions

Security Affairs

APRIL 21, 2023

“A vulnerability in the web UI of Cisco IND could allow an authenticated, remote attacker to execute arbitrary commands with administrative privileges on the underlying operating system of an affected device.” ” reads the advisory. “This vulnerability is due to improper input validation when uploading a Device Pack.

Authentication

Authentication Education Media Hacking

Fortinet warns of a spike in attacks against TBK DVR devices

Security Affairs

MAY 2, 2023

FortiGuard Labs researchers observed a worrisome level of attacks attempting to exploit an authentication bypass vulnerability in TBK DVR devices. Threat actors are attempting to exploit a five-year-old authentication bypass issue, tracked as CVE-2018-9995 (CVSS score of 9.8), in TBK DVR devices.

Authentication

Authentication Retail Surveillance Education

SAP April 2023 security updates fix critical vulnerabilities

Security Affairs

APRIL 12, 2023

SAP April 2023 security updates include a total of 24 notes, 19 of which are new vulnerabilities. SAP fixed two critical bugs that affect the Diagnostics Agent and the BusinessObjects Business Intelligence Platform.

Education

Education Media Authentication Passwords

CISA adds MinIO, PaperCut, and Chrome bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 22, 2023

PaperCut MF/NG contains an improper access control vulnerability within the SetupCompleted class that allows authentication bypass and code execution in the context of system. CVE-2023-27350 (CVSS score – 9.8) – PaperCut MF/NG Improper Access Control Vulnerability.

Education

Education Media Authentication Cybersecurity

Experts released PoC Exploit code for actively exploited PaperCut flaw

Security Affairs

APRIL 24, 2023

PaperCut MF/NG contains an improper access control vulnerability within the SetupCompleted class that allows authentication bypass and code execution in the context of system. The PoC code allows attackers to bypass authentication and execute code on vulnerable PaperCut servers. The issue results from improper access control.

Authentication

Authentication Software Education Malware

Cisco EoL SPA112 2-Port Phone Adapters are affected by critical RCE

Security Affairs

MAY 4, 2023

In order to exploit the flaw, an attacker has to upgrade an affected device to a crafted version of the firmware. “This vulnerability is due to a missing authentication process within the firmware upgrade function.” ” reads the advisory published by Cisco.

Firmware

Firmware Education Media Authentication

Hackers are actively exploiting a flaw in the Elementor Pro WordPress plugin

Security Affairs

MARCH 31, 2023

and all versions before it, allowing authenticated users, like shop customers or site members, to change the site’s settings and can potentially lead to a complete site takeover. The expert reported that the issue impacts Elementor Pro when it is installed on a site that has WooCommerce activated. The issue impacts version v3.11.6

Authentication

Authentication Education Accountability Media

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

The Last Watchdog

APRIL 13, 2022

Educate your employees on threats and risks such as phishing and malware. Enforce strong passwords and implement multi-factor authentication (MFA) — by educating users about using a unique password for each account and enforcing higher security for privileged accounts (administrators, root).

Cybersecurity

Cybersecurity Cybercrime Education Government

CISA adds Veritas Backup Exec flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 8, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, CISA) The post CISA adds Veritas Backup Exec flaws to its Known Exploited Vulnerabilities catalog appeared first on Security Affairs.

Backups

Backups Spyware Ransomware Education

Experts temporarily disrupted the RedLine Stealer operations

Security Affairs

APRIL 18, 2023

The removal of these repositories should break authentication for panels currently in use. The operators behind the RedLine will be forced to set up new panels to recover their operations. No fallback channels were observed.

Malware

Malware Education Media Authentication

Nexx bugs allow to open garage doors, and take control of alarms and plugs

Security Affairs

APRIL 5, 2023

.” The researchers reported the issues to the United States Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA), which assigned the following five CVEs: Use of Hard-coded Credentials CWE-798 ( CVE-2023–1748 , CVSS3.0: Improper Authentication Validation CWE-287 ( CVE-2023–1752 , CVSS3.0:

Manufacturing

Manufacturing Media Firewall Education

Hackers can hack organizations using data found on their discarded enterprise network equipment

Security Affairs

APRIL 24, 2023

“With this level of detail, impersonating network or internal hosts would be far simpler for an attacker, especially since the devices often contain VPN credentials or other easily cracked authentication tokens.” ” concludes the report.

Hacking

Hacking VPN Marketing Authentication

Thousands of publicly-exposed Apache Superset installs exposed to RCE attacks

Security Affairs

APRIL 26, 2023

Installations that have not altered the default configured SECRET_KEY according to installation instructions allow for an attacker to authenticate and access unauthorized resources.” The application then validates the signature on the cookie to re-authenticate the user prior to processing the request. ” reads the advisory.

Authentication

Authentication Education Media Hacking

Russia-linked Sandworm APT uses WinRAR in destructive attacks on Ukraine’s public sector

Security Affairs

MAY 4, 2023

” CERT-UA urges Ukrainian critical organizations using multi-factor authentication for VPN accounts, network segmentation and filtering of incoming, outgoing and inter-segment information flows. The CERT also provided Indicators of Compromise (IoCs) for these attacks.

VPN

VPN Education Accountability Cyber Attacks

Siemens Metaverse exposes sensitive corporate data

Security Affairs

APRIL 15, 2023

It also discovered Siemens leaking four sets of WordPress users, and three sets of backend and authentication endpoint URLs on different endpoints of the affected systems. Backend and authentication endpoint URLs, used to verify users before giving them access, could lead to attackers testing them for vulnerabilities and exploiting them.

Manufacturing

Manufacturing IoT Technology Authentication

Pro-Russia hacking group executed a disruptive attack against a Canadian gas pipeline

Security Affairs

APRIL 26, 2023

The authenticity of the document was not confirmed, however, this is the first time that a pro-Russia-hacking group execute a disruptive attack against Western critical infrastructure. 15, Zarya shared screenshots with the Federal Security Service — the main successor agency to the K.G.B., “The F.S.B. ” reported the NYT.

Hacking

Hacking Cyber Attacks Education Media

Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition

Security Affairs

APRIL 30, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter ) The post Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition appeared first on Security Affairs.

Cybercrime

Cybercrime Malware Hacking Accountability

A “By-Design” flaw in Microsoft Azure can allow storage accounts takeover

Security Affairs

APRIL 11, 2023

” reads the advisory published by the security firm. .” The issue can also be abused to move laterally in the environment and even execute remote code.

Accountability

Accountability Education Media Authentication

Experts disclosed two critical flaws in Alibaba cloud database services

Security Affairs

APRIL 20, 2023

. “76% of organizations don’t enforce MFA [multi-factor authentication] for console users, while 58% of organizations don’t enforce MFA for root/admin users,” the cybersecurity firm said.

Accountability

Accountability Education Media Authentication

Russian cybercrime group likely behind ongoing exploitation of PaperCut flaws

Security Affairs

APRIL 24, 2023

PaperCut MF/NG contains an improper access control vulnerability within the SetupCompleted class that allows authentication bypass and code execution in the context of system. Cybersecurity and Infrastructure Security Agency (CISA) added it to its Known Exploited Vulnerabilities Catalog. Last week, the U.S.

Cybercrime

Cybercrime Software Education Ransomware

Volvo retailer leaks sensitive files

Security Affairs

APRIL 15, 2023

Volvo’s retailer exposed its database’s authentication information, including MySQL and Redis database hosts, open ports and credentials. Exposed sensitive files On February 17, 2023, the Cybernews research team discovered public access to sensitive files hosted on dimasvolvo.com.br

Retail

Retail Manufacturing Passwords Phishing

Experts devised a new exploit for the PaperCut flaw that can bypass all current detection

Security Affairs

MAY 4, 2023

PaperCut MF/NG contains an improper access control vulnerability within the SetupCompleted class that allows authentication bypass and code execution in the context of SYSTEM. The CVE-2023-27350 flaw is a PaperCut MF/NG Improper Access Control Vulnerability.

Education

Education Malware Software Cybersecurity

Microsoft fixed Azure AD bug that led to Bing.com results manipulation and account takeover

Security Affairs

APRIL 3, 2023

’ The shared responsibility model allows application owners to add an authentication function by simply clicking a button. ” The experts discovered that other apps were impacted by the misconfiguration issue, including Mag News, Central Notification Service (CNS), Contact Center, PoliCheck, Power Automate Blog, and COSMOS.

Accountability

Accountability Education Media Authentication

Phishers migrate to Telegram

Security Affairs

APRIL 6, 2023

These bots allows phishers to bypass 2FA (two-factor authentication) protections automatically. Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Phishing) The post Phishers migrate to Telegram appeared first on Security Affairs.

Phishing

Phishing Scams Social Engineering Banking

University admission platform Leverage EDU exposed student passports

Security Affairs

MAY 16, 2023

As no authentication was required, anybody could access all of the student’s personal information needed to apply to universities. It claims to have a network of over 650 educational institutions worldwide and 80 million users over the last year.

Identity Theft

Identity Theft Education Banking Risk

Panchan Golang P2P botnet targeting Linux servers in cryptomining campaign

Security Affairs

JUNE 15, 2022

Researchers discovered a new Golang-based peer-to-peer (P2P) botnet, dubbed Panchan, targeting Linux servers in the education sector since March 2022. Akamai security researchers discovered a new Golang-based P2P Botnet, tracked as Panchan, that is targeting Linux servers that has been active since March 2022. Pierluigi Paganini.

Malware

Malware Cryptocurrency Education Engineering

NIS2 Framework: Your Key To Achieving Cybersecurity Excellence

Centraleyes

JANUARY 21, 2024

As a global trailblazer in information security and data protection regulation, the EU continues to lead the way in comprehensive cybersecurity standards. Educate and Raise Awareness: Board Education and Employee Engagement Make cybersecurity a priority on the management board agenda.

Cybersecurity

Cybersecurity Energy and Utilities Cyber threats Risk

China-linked APT Volt Typhoon targets critical infrastructure organizations

Security Affairs

MAY 25, 2023

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The APT group is using almost exclusively living-off-the-land techniques and hands-on-keyboard activity to evade detection.

Accountability

Accountability VPN Manufacturing Firewall

US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws

Security Affairs

APRIL 19, 2023

is affected by multiple vulnerabilities that can be exploited by an authenticated, remote attacker to execute code on an affected system or cause vulnerable devices to reload. .” The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 through 15.6 and IOS XE 2.2 through 3.17

Malware

Malware Firmware Government Education

Iranian hackers access unsecured HMI at Israeli Water Facility

Security Affairs

DECEMBER 4, 2020

. “The reservoir’s HMI system was connected directly to the internet, without any security appliance defending it or limiting access to it. Furthermore, at the time of the publication, the system did not use any authentication method upon access.” ” reads the blog post published by OTORIO.

Cyber Attacks

Cyber Attacks Hacking Authentication Education

STYX Marketplace emerged in Dark Web focused on Financial Fraud

Security Affairs

APRIL 5, 2023

The rapidly evolving threat facing FIs today is that fraudsters have learned how to successfully game Know Your Customer (KYC) and business authentication processes successfully. This is why it’s vital to promote agile and preemptive CyFI exchange between FIs and regulatory oversight agencies.

Banking

Banking Cybercrime Accountability Risk

UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups

Security Affairs

JANUARY 26, 2023

The SEABORGIUM group primarily focuses operations on defense and intelligence consulting companies, non-governmental organizations (NGOs) and intergovernmental organizations (IGOs), think tanks, and higher education. The group also targets former intelligence officials, experts in Russian affairs, and Russian citizens abroad.

Phishing

Phishing Media Hacking Education

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

“These operations have targeted various industries, including Aerospace & Defense, Education, Energy & Utilities, Governments, Hospitality, Manufacturing, Oil & Gas, Retail, Technology, and Transportation. ” reads the joint report. ” continues the report.

Energy and Utilities

Energy and Utilities Government Firewall Malware

Cyber Security Roundup for February 2021

Security Boulevard

FEBRUARY 1, 2021

A roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, January 2021. Mimecast confirmed a related certificate compromise after they were informed by Microsoft as part of their investigative efforts. Cyber Security Careers Advice.

Artificial Intelligence

Artificial Intelligence Ransomware Education Cybersecurity

How CISOs Can Impact Security for All

Cisco Security

APRIL 26, 2021

If there’s anyone who’s been put through their paces in the security industry, it’s Helen Patton , our new Advisory Chief Information Security Officer (CISO). And before that she spent about 10 years as a security leader at JPMorgan Chase. CISOs have to be both influencers and educators.

CISO

CISO Education Technology Media

Ways to Develop a Cybersecurity Training Program for Employees

Security Affairs

APRIL 15, 2022

While you may disagree, data breach studies show that employees and negligence are the most typical causes of security breaches, yet these prevalent issues are least discussed. While there are numerous approaches to promoting a more cyber secure workplace, here are the most common and effective ways: Trick Employees via a Phishing Campaign.

Cybersecurity

Cybersecurity Data privacy Data breaches Phishing

Topic-specific policy 4/11: information transfer

Notice Bored

OCTOBER 14, 2021

"Information transfer" is another ambiguous, potentially misleading title for a policy, even if it includes "information security". Transmission of information through broadcasting, training and awareness activities, reporting, policies, documentation, seminars, publications, blogs etc.,

Information Security

Information Security Risk Media Encryption

Ensuring Security in M&A: An Evolution, Not Revolution

Cisco Security

OCTOBER 24, 2022

This blog is the final in a series focused on M&A cybersecurity, following Dan Burke’s post on Making Merger and Acquisition Cybersecurity More Manageable. Because Cisco is now the ultimate responsible party of that acquisition, we make sure that the acquisition adheres to a minimum level of security policy standards and guidelines.”.

Education

Education Risk Cybersecurity Technology

What the Email Security Landscape Looks Like in 2023

Security Affairs

MAY 12, 2023

In a phishing attack, an individual receives an email from a sender that seems legitimate with a request to share information, log into a system, or click a link. At this point, the bad actor has access to the information they were after. Training users to be more aware.

Phishing

Phishing Social Engineering Small Business B2B

How MFA and Cyber Liability Insurance Effectively Manage Risk in Higher Education

Fortinet fixed a critical vulnerability in its Data Analytics product

Trending Sources

Zyxel fixed a critical RCE flaw in its firewall devices and urges customers to install the patches

ALPHV/BlackCat ransomware affiliate targets Veritas Backup solution bugs

Experts released PoC exploit code for critical VMware CVE-2022-22972 flaw

Cisco fixed critical flaws in the Industrial Network Director and Modeling Labs solutions

Fortinet warns of a spike in attacks against TBK DVR devices

SAP April 2023 security updates fix critical vulnerabilities

CISA adds MinIO, PaperCut, and Chrome bugs to its Known Exploited Vulnerabilities catalog

Experts released PoC Exploit code for actively exploited PaperCut flaw

Cisco EoL SPA112 2-Port Phone Adapters are affected by critical RCE

Hackers are actively exploiting a flaw in the Elementor Pro WordPress plugin

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

CISA adds Veritas Backup Exec flaws to its Known Exploited Vulnerabilities catalog

Experts temporarily disrupted the RedLine Stealer operations

Nexx bugs allow to open garage doors, and take control of alarms and plugs

Hackers can hack organizations using data found on their discarded enterprise network equipment

Thousands of publicly-exposed Apache Superset installs exposed to RCE attacks

Russia-linked Sandworm APT uses WinRAR in destructive attacks on Ukraine’s public sector

Siemens Metaverse exposes sensitive corporate data

Pro-Russia hacking group executed a disruptive attack against a Canadian gas pipeline

Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition

A “By-Design” flaw in Microsoft Azure can allow storage accounts takeover

Experts disclosed two critical flaws in Alibaba cloud database services

Russian cybercrime group likely behind ongoing exploitation of PaperCut flaws

Volvo retailer leaks sensitive files

Experts devised a new exploit for the PaperCut flaw that can bypass all current detection

Microsoft fixed Azure AD bug that led to Bing.com results manipulation and account takeover

Phishers migrate to Telegram

University admission platform Leverage EDU exposed student passports

Panchan Golang P2P botnet targeting Linux servers in cryptomining campaign

NIS2 Framework: Your Key To Achieving Cybersecurity Excellence

China-linked APT Volt Typhoon targets critical infrastructure organizations

US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws

Iranian hackers access unsecured HMI at Israeli Water Facility

STYX Marketplace emerged in Dark Web focused on Financial Fraud

UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Cyber Security Roundup for February 2021

How CISOs Can Impact Security for All

Ways to Develop a Cybersecurity Training Program for Employees

Topic-specific policy 4/11: information transfer

Ensuring Security in M&A: An Evolution, Not Revolution

What the Email Security Landscape Looks Like in 2023

Stay Connected