Krebs on Security

APRIL 27, 2023

Customers can access a Salesforce Community website in two ways: Authenticated access (requiring login), and guest user access (no login required). This misconfigured Salesforce Community site from the state of Vermont was leaking pandemic assistance loan application data, including names, SSNs, email address and bank account information.

Banking 294

Banking Government Information Security Authentication 294

Duo's Security Blog

MAY 13, 2024

While our customers love us for our ease of use, flexibility and focus on security, a lot of end users think of Duo the way they think of floss, bike helmets and low-sodium foods. Secure authentication isn’t fun, but you put up with it as part of your day because you know it’s keeping you safer.

Authentication 58

Authentication VPN Healthcare Risk 58

Security Affairs

APRIL 4, 2023

Below is the list of flaws exploited by the ransomware gang’s affiliate: CVE-2021-27876 : The communication between a client and an Agent requires successful authentication, which is typically completed over a secure TLS communication. It supports multiple authentication schemes: SHA authentication is one of these.

Backups 92

Backups Ransomware Authentication Penetration Testing 92

Duo's Security Blog

JANUARY 23, 2024

Throughout 2023, we’ve heard about many high-profile security incidents targeting a wide range of publicly listed companies. Additionally, Chief Information Security Officers (CISOs) have also been under scrutiny for the actions they’ve taken to address these issues. Can your organization exclusively support WebAuthn?

Authentication 89

Authentication Accountability CISO Technology 89

Security Affairs

APRIL 21, 2023

“A vulnerability in the web UI of Cisco IND could allow an authenticated, remote attacker to execute arbitrary commands with administrative privileges on the underlying operating system of an affected device.” ” reads the advisory. “This vulnerability is due to improper input validation when uploading a Device Pack.

Authentication 90

Authentication Education Media Hacking 90

Security Affairs

MAY 26, 2022

Security researchers released PoC exploit code for the critical authentication bypass vulnerability CVE-2022-22972 affecting multiple VMware products. VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users.” using CVE-2022-22972.

Authentication 139

Authentication Healthcare Education Cybersecurity 139

Security Affairs

APRIL 28, 2023

The company also fixed a high-severity post-authentication command injection issue ( CVE-2023-27991 , CVSS score: 8.8) The vulnerability can be exploited by a remote, authenticated attacker to execute some OS commands. ” reads the advisory published by the vendor. affecting some specific firewall versions. through 5.35.

Firewall 93

Firewall Firmware VPN Authentication 93

Security Affairs

APRIL 13, 2023

Successful exploitation can lead to remote, unauthenticated access to Redis and MongoDB instances via crafted authentication requests. ” reads the advisory published by the vendor.

Authentication 80

Authentication Education Media Hacking 80

Security Affairs

NOVEMBER 1, 2023

CVE-2023-46748 F5 BIG-IP SQL Injection Vulnerability – F5 BIG-IP Configuration utility contains an SQL injection vulnerability that may allow an authenticated attacker with network access through the BIG-IP management port and/or self IP addresses to execute system commands. states the advisory.

Authentication 109

Authentication Hacking Risk Cybersecurity 109

Security Affairs

MAY 2, 2023

FortiGuard Labs researchers observed a worrisome level of attacks attempting to exploit an authentication bypass vulnerability in TBK DVR devices. Threat actors are attempting to exploit a five-year-old authentication bypass issue, tracked as CVE-2018-9995 (CVSS score of 9.8), in TBK DVR devices.

Authentication 98

Authentication Retail Surveillance Education 98

Security Affairs

APRIL 24, 2023

PaperCut MF/NG contains an improper access control vulnerability within the SetupCompleted class that allows authentication bypass and code execution in the context of system. The PoC code allows attackers to bypass authentication and execute code on vulnerable PaperCut servers. The issue results from improper access control.

Authentication 94

Authentication Software Education Malware 94

Security Affairs

MAY 26, 2022

CVE-2022-26531 : Multiple improper input validation flaws were identified in some CLI commands of some firewall, AP controller, and AP versions that could allow a local authenticated attacker to cause a buffer overflow or a system crash via a crafted payload. To nominate, please visit:?. Follow me on Twitter: @securityaffairs and Facebook.

Firewall 122

Firewall VPN Authentication Cyber Attacks 122

Security Affairs

OCTOBER 24, 2023

VMware is aware of the availability of a proof-of-concept (PoC) exploit code for an authentication bypass flaw in VMware Aria Operations for Logs. is an authentication bypass vulnerability in VMware Aria Operations for Logs. See blog above for more details. The vulnerability CVE-2023-34051 (CVSS score 8.1)

Authentication 115

Authentication Hacking Cybersecurity Information Security 115

Duo's Security Blog

DECEMBER 6, 2022

When someone is told that passwords are going away in favor of a new, “password-less” authentication method, a healthy dose of skepticism is not unwarranted. Experts in the fields of data protection and information security now look towards new technologies to make system access much more secure. What is WebAuthn?

Architecture 103

Architecture Authentication Passwords Technology 103

Security Affairs

MAY 18, 2022

VMware addressed a critical authentication bypass vulnerability “affecting local domain users” in multiple products. “VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users.” To nominate, please visit:? Pierluigi Paganini.

Authentication 82

Authentication Hacking Cybersecurity Information Security 82

SC Magazine

JULY 2, 2021

In a blog by the Bitdefender Antispam Lab, the researchers said most of the emails use COVID-19 as a way to dupe users into clicking on a bogus document. King added that all those controls will fail from time to time, so security teams need to invest in security awareness training so users can quickly recognize the signs of a phish.

Phishing 136

Phishing Authentication Security Awareness Media 136

Security Affairs

MAY 25, 2023

D-Link fixed two critical flaws in its D-View 8 network management suite that could lead to authentication bypass and arbitrary code execution. in its D-View 8 network management suite that could be exploited by remote attackers to bypass authentication and execute arbitrary code. ” reads the advisory published by ZDI.

Firmware 92

Firmware Authentication Software Hacking 92

Security Affairs

MAY 11, 2023

The remaining ones are authentication bypass and command injection flaws. Please vote for Security Affairs ( [link] ) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini Please nominate Security Affairs as your favorite blog.

Hacking 95

Hacking Firmware Authentication DNS 95

Security Affairs

MAY 10, 2022

The flaw can be exploited by an unauthenticated attacker to force a domain controller to authenticate against another server using NTLM. “An unauthenticated attacker could call a method on the LSARPC interface and coerce the domain controller to authenticate to the attacker using NTLM. To nominate, please visit:?

Authentication 115

Authentication Hacking Software Cybersecurity 115

Security Affairs

APRIL 12, 2023

SAP April 2023 security updates include a total of 24 notes, 19 of which are new vulnerabilities. SAP fixed two critical bugs that affect the Diagnostics Agent and the BusinessObjects Business Intelligence Platform.

Education 82

Education Media Authentication Passwords 82

Duo's Security Blog

FEBRUARY 13, 2024

Then, in turn, they can digitally sign that message and use that secret to set up an encrypted session to send it back and then both parties can communicate bidirectionally securely. Using concepts from Public Key Cryptography WebAuthn was born to verify identity securely. So, we began with the use of passwords.

eCommerce 63

eCommerce Authentication Encryption Passwords 63

Security Affairs

JUNE 11, 2022

PACMAN is a novel hardware attack technique that can allow attackers to bypass Pointer Authentication (PAC) on the Apple M1 CPU. The pointer authentication codes (PACs) allow to detect and guard against unexpected changes to pointers in memory. ” reads the research paper published by the researchers. ” reads the paper.

Authentication 96

Authentication Artificial Intelligence Architecture Hacking 96

Security Affairs

OCTOBER 10, 2022

Fortinet has confirmed that the recently disclosed critical authentication bypass issue (CVE-2022-40684) is being exploited in the wild. Last week, Fortinet addressed a critical authentication bypass flaw, tracked as CVE-2022-40684 , that impacted FortiGate firewalls and FortiProxy web proxies. Blog post and POC coming later this week.

Authentication 105

Authentication Firewall Hacking Risk 105

Duo's Security Blog

OCTOBER 18, 2021

These groups are having lots of discussion around the fact that many campuses are required to use multi-factor authentication (MFA) for their cyber liability insurance. In a recent Duo blog post, we gave an overview of cyber liability insurance. As part of National Cybersecurity Awareness Month and “Do Your Part.

Insurance 96

Insurance Education Risk Cyber Insurance 96

Security Affairs

APRIL 15, 2022

Cisco has released security patches to fix a critical vulnerability (CVSS score 10), tracked as CVE-2022-20695 , in Cisco Wireless LAN Controller (WLC). A remote, unauthenticated attacker could exploit the flaw to bypass authentication and log in to the device through the management interface. or Release 8.10.162.0 Pierluigi Paganini.

Wireless 87

Wireless Software Authentication Mobile 87

Security Affairs

MARCH 31, 2023

and all versions before it, allowing authenticated users, like shop customers or site members, to change the site’s settings and can potentially lead to a complete site takeover. The expert reported that the issue impacts Elementor Pro when it is installed on a site that has WooCommerce activated. The issue impacts version v3.11.6

Authentication 97

Authentication Education Accountability Media 97

Security Affairs

APRIL 22, 2023

PaperCut MF/NG contains an improper access control vulnerability within the SetupCompleted class that allows authentication bypass and code execution in the context of system. CVE-2023-27350 (CVSS score – 9.8) – PaperCut MF/NG Improper Access Control Vulnerability.

Education 89

Education Media Authentication Cybersecurity 89

Security Affairs

JUNE 21, 2022

Spooler service disabled, RPC filters installed to prevent PetitPotam and File Server VSS Agent Service not installed but you still want to relay DC authentication to ADCS? Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. To nominate, please visit:?.

Authentication 118

Authentication Hacking Cybersecurity Information Security 118

Duo's Security Blog

JANUARY 26, 2024

In today’s complex IT landscape, one of the biggest problems faced by a Chief Information Security Officer (CISO) and their IT security team are forgotten and stolen passwords. Pre-Requisites Passwordless uses passkeys and platform authenticators as one of the many ways to secure application access without passwords.

Passwords 80

Passwords Authentication Mobile CISO 80

Security Affairs

NOVEMBER 22, 2022

In its API Security Top 10 , the Open Web Application Security Project (OWASP) identifies the top ten threats to APIs. Broken Object Level Authentication (BOLA). APIs with broken object level authentication allow attackers to easily exploit API endpoints by manipulating the ID of an object sent within an API request.

Authentication 120

Authentication B2B Accountability Digital transformation 120

Security Affairs

JUNE 8, 2022

“Upon gaining an initial foothold into a telecommunications organization or network service provider, PRC state-sponsored cyber actors have identified critical users and infrastructure including systems critical to maintaining the security of authentication, authorization, and accounting. To nominate, please visit:?.

Telecommunications 95

Telecommunications Authentication Passwords Accountability 95

Security Affairs

JANUARY 16, 2024

Last week, software firm Ivanti reported that threat actors are exploiting two zero-day vulnerabilities (CVE-2023-46805, CVE-2024-21887) in Connect Secure (ICS) and Policy Secure to remotely execute arbitrary commands on targeted gateways. is an Authentication Bypass issue that resides in the web component of Ivanti ICS 9.x,

VPN 86

VPN Authentication Small Business Telecommunications 86

Security Affairs

MAY 4, 2023

In order to exploit the flaw, an attacker has to upgrade an affected device to a crafted version of the firmware. “This vulnerability is due to a missing authentication process within the firmware upgrade function.” ” reads the advisory published by Cisco.

Firmware 84

Firmware Education Media Authentication 84

Security Affairs

JUNE 17, 2022

On March 25, Sophos announced to have fixed the authentication bypass vulnerability, tracked as CVE-2022-1040, that resides in the User Portal and Webadmin areas of Sophos Firewall. A remote attacker with access to the Firewall’s User Portal or Webadmin interface can exploit the flaw to bypass authentication and execute arbitrary code.

Firewall 126

Firewall DNS Authentication Malware 126

Security Affairs

APRIL 24, 2023

“With this level of detail, impersonating network or internal hosts would be far simpler for an attacker, especially since the devices often contain VPN credentials or other easily cracked authentication tokens.” ” concludes the report.

Hacking 91

Hacking VPN Marketing Authentication 91

Security Affairs

APRIL 18, 2023

The removal of these repositories should break authentication for panels currently in use. The operators behind the RedLine will be forced to set up new panels to recover their operations. No fallback channels were observed.

Malware 85

Malware Education Media Authentication 85

Security Affairs

APRIL 8, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, CISA) The post CISA adds Veritas Backup Exec flaws to its Known Exploited Vulnerabilities catalog appeared first on Security Affairs.

Backups 80

Backups Spyware Ransomware Education 80