Authentication, Encryption, Hacking and Information Security

Experts published PoC exploits for Arcserve UDP authentication bypass issue

Security Affairs

JUNE 29, 2023

Data protection firm Arcserve addressed an authentication bypass vulnerability in its Unified Data Protection (UDP) backup software. Data protection vendor Arcserve addressed a high-severity bypass authentication flaw, tracked as CVE-2023-26258, in its Unified Data Protection (UDP) backup software. Arcserve released UDP 9.1

Authentication

Authentication Backups Ransomware Software

MY TAKE: Agile cryptography is coming, now that ‘attribute-based encryption’ is ready for prime time

The Last Watchdog

MAY 3, 2021

Encryption agility is going to be essential as we move forward with digital transformation. All of the technical innovation cybersecurity vendors are churning out to deal with ever-expanding cyber risks, at the end of the day, come down to protecting encrypted data. Refer: The vital role of basic research.

Encryption

Encryption Retail Digital transformation Authentication

Attackers use encrypted RPMSG messages in Microsoft 365 targeted phishing attacks

Security Affairs

MAY 29, 2023

Experts warn of phishing attacks that are combining the use of compromised Microsoft 365 accounts and.rpmsg encrypted emails. Trustwave researchers have observed threat actors using encrypted RPMSG attachments sent via compromised Microsoft 365 accounts in a phishing campaign aimed at stealing Microsoft credentials.

Encryption

Encryption Phishing Accountability Authentication

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Over 92,000 Internet-facing D-Link NAS devices can be easily hacked

Security Affairs

APRIL 7, 2024

This trick allows attackers to obtain bypass authentication. “Successful exploitation of this vulnerability could allow an attacker to execute arbitrary commands on the system, potentially leading to unauthorized access to sensitive information, modification of system configurations, or denial of service conditions.”

Internet

Internet Internet DNS Hacking

New Hive ransomware variant is written in Rust and use improved encryption method

Security Affairs

JULY 6, 2022

Hive ransomware operators have improved their file-encrypting module by migrating to Rust language and adopting a more sophisticated encryption method. The most important change in the latest Hive variant is the encryption mechanism it adopts. SecurityAffairs – hacking, Hive ransomware). ” continues Microsoft. .

Encryption

Encryption Ransomware Cybercrime Malware

GoTo revealed that threat actors stole customers’ backups and encryption key for some of them

Security Affairs

JANUARY 24, 2023

GoTo is notifying customers that its development environment was breached in November 2022, attackers stole customers’ backups and encryption key. “Upon learning of the incident, we immediately launched an investigation, engaged Mandiant, a leading security firm, and alerted law enforcement. . ” continues the notice.

Backups

Backups Encryption Data breaches Passwords

GUEST ESSAY : Advanced tech to defend API hacking is now readily available to SMBs

The Last Watchdog

APRIL 4, 2022

They are often unaware of the risks they take on, which can include hacking, fraud, phishing, and more. SMBs and enterprises alike have been struggling with APIs as a mechanism for information security. The fact that there are so many different APIs is the main challenge for enterprises when it comes to API security.

Hacking

Hacking Penetration Testing Data breaches Authentication

LastPass revealed that intruders had internal access for four days during the August hack

Security Affairs

SEPTEMBER 18, 2022

The Password management solution LastPass revealed that the threat actors had access to its systems for four days during the August hack. Password management solution LastPass shared more details about the security breach that the company suffered in August 2022. had successfully authenticated using multi-factor authentication.”

Hacking

Hacking Password Management Passwords Authentication

Akira ransomware gang spotted targeting Cisco VPN products to hack organizations

Security Affairs

AUGUST 22, 2023

The Akira ransomware has been active since March 2023, the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate. The Akira ransomware gang targets Cisco VPN products to gain initial access to corporate networks and steal their data.

VPN

VPN Ransomware Hacking Education

Apple created post-quantum cryptographic protocol PQ3 for iMessage

Security Affairs

FEBRUARY 24, 2024

Messaging services use classical public key cryptography, such as RSA, Elliptic Curve signatures, and Diffie-Hellman key exchange, to establish secure end-to-end encrypted connections between devices. However, researchers believe that a sufficiently powerful quantum computer could compromise of end-to-end encrypted communications.

Encryption

Encryption Authentication Hacking Accountability

Over 500K MikroTik RouterOS systems potentially exposed to hacking due to critical flaw

Security Affairs

JULY 26, 2023

Experts warn of a severe privilege escalation, tracked as CVE-2023-30799 , in MikroTik RouterOS that can be exploited to hack vulnerable devices. A remote and authenticated attacker can escalate privileges from admin to super-admin on the Winbox or HTTP interface.” “MikroTik RouterOS stable before 6.49.7

Hacking

Hacking Passwords Authentication Encryption

Akira ransomware received $42M in ransom payments from over 250 victims

Security Affairs

APRIL 21, 2024

The Akira ransomware has been active since March 2023, the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate. The Akira ransomware operators implement a double extortion model by exfiltrating victims’ data before encrypting it.

Ransomware

Ransomware Encryption Antivirus VPN

Phorpiex botnet sent millions of phishing emails to deliver LockBit Black ransomware

Security Affairs

MAY 13, 2024

The ZIP archives contain a compressed executable payload that, if executed, will start the encryption process with LockBit Black ransomware. Password Management : Use strong, unique passwords and implement multi-factor authentication (MFA) whenever possible, prioritizing authentication apps or hardware tokens over SMS text-based codes.

Phishing

Phishing Ransomware Security Awareness Authentication

Poland’s authorities investigate a hacking attack on country’s railways

Security Affairs

AUGUST 27, 2023

The Polish domestic security agency is investigating a hacking attack on the national railways, Polish media report. Poland’s Internal Security Agency (ABW) and national police have launched an investigation into a hacking attack on the state’s railway network.

Hacking

Hacking Media Encryption Authentication

GravityRAT returns disguised as an end-to-end encrypted chat app

Security Affairs

NOVEMBER 13, 2021

Threat actors are distributing the GravityRAT remote access trojan masqueraded as an end-to-end encrypted chat application named SoSafe Chat. Threat actors are distributing the GravityRAT RAT masqueraded as an end-to-end encrypted chat application named SoSafe Chat. SecurityAffairs – hacking, GravityRAT). Pierluigi Paganini.

Encryption

Encryption Malware Media Authentication

How to hack Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash

Security Affairs

NOVEMBER 1, 2021

Researchers demonstrated how crooks could hack Diebold Nixdorf’s Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash. An attacker with access to the dispenser controller’s USB port can install an outdated or modified firmware version to bypass the encryption and make cash withdrawals.

Hacking

Hacking Firmware Encryption Manufacturing

FragAttacks vulnerabilities expose all WiFi devices to hack

Security Affairs

MAY 12, 2021

CVE-2020-24587 : mixed key attack (reassembling fragments encrypted under different keys). while the implementation vulnerabilities are: CVE-2020-26145 : Accepting plaintext broadcast fragments as full frames (in an encrypted network). CVE-2020-26146 : Reassembling encrypted fragments with non-consecutive packet numbers.

Hacking

Hacking Encryption Authentication Internet

5 Ways artificial intelligence Is Being Used to Keep Sensitive Information Secure

Security Affairs

FEBRUARY 19, 2020

With this technique, the system runs with as much efficiency as possible without sacrificing security, especially since there are measures in place at all times. Encryption. When information is moving from one source to another, it’s particularly susceptible to attacks and theft. Password Protection & Authentication.

Artificial Intelligence

Artificial Intelligence Information Security Passwords Encryption

9 Possible Ways Hackers Can Use Public Wi-Fi to Steal Your Sensitive Data

Security Affairs

FEBRUARY 12, 2024

Public Wi-Fi users are prime targets for MITM attacks because the information they send is often not encrypted, meaning it’s easy for hackers to access your data. Look for the “https” in the website’s URL—it means there’s some level of encryption.

DNS

DNS VPN Encryption Passwords

Team Liquid’s wiki leak exposes 118K users

Security Affairs

JANUARY 12, 2024

According to researchers, the leak revealed an authentication server with login details and information on Liquipedia’s users along with authentication details for Liquipedia admins. A part of the exposed information was contained in a user collection weighing 77MB, containing data on nearly 119,000 users.

Authentication

Authentication Media Accountability Encryption

Watch out, a new critical flaw affects Fortra GoAnywhere MFT

Security Affairs

JANUARY 23, 2024

Fortra addressed a new authentication bypass vulnerability impacting GoAnywhere MFT (Managed File Transfer) product. Fortra warns customers of a new authentication bypass vulnerability tracked as CVE-2024-0204 (CVSS score 9.8), impacting the GoAnywhere MFT (Managed File Transfer) product.

Authentication

Authentication Engineering Encryption Hacking

B. Braun Infusomat pumps could be hacked to alter medication doses

Security Affairs

AUGUST 27, 2021

Braun ‘s Infusomat Space Large Volume Pump and SpaceStation that could be remotely hacked. CVE-2021-33885 – Insufficient Verification of Data Authenticity (CVSS 9.7) CVE-2021-33882 – Missing Authentication for Critical Function (CVSS 8.2) CVE-2021-33883 – Cleartext Transmission of Sensitive Information (CVSS 7.1)

Hacking

Hacking Authentication Internet Internet

Multiple Brocade SANnav SAN Management SW flaws allow device compromise

Security Affairs

APRIL 28, 2024

The following vulnerabilities, discovered by the security researcher Pierre Barre , impact all versions up to 2.3.0 The following vulnerabilities, discovered by the security researcher Pierre Barre , impact all versions up to 2.3.0 These switches are running Linux and are powerful. They are ideal to host implants.”

Firewall

Firewall Authentication Architecture Backups

DRAGONBLOOD flaws allow hacking WPA3 protected WiFi passwords

Security Affairs

AUGUST 3, 2019

Dragonblood researchers found two new weaknesses in WPA3 protocol that could be exploited to hack WPA3 protected WiFi passwords. A group of researchers known as Dragonblood (Mathy Vanhoef and Eyal Ronen ) devised new methods to hack WPA3 protected WiFi passwords by exploiting two new vulnerabilities dubbed Dragonblood flaws.

Passwords

Passwords Hacking Wireless Authentication

3.4 Million user records from LiveAuctioneers hack available for sale

Security Affairs

JULY 14, 2020

.” According to the company, attackers accessed personal details of the users, including names, email addresses, mailing addresses, phone numbers, and also encrypted passwords. The company confirmed that the an investigation into the hack is still ongoing. SecurityAffairs – hacking, LiveAuctioneers ). Pierluigi Paganini.

Hacking

Hacking Data breaches Identity Theft Advertising

Kr00k Wi-Fi Encryption flaw affects more than a billion devices

Security Affairs

FEBRUARY 26, 2020

A high-severity hardware vulnerability, dubbed Kr00k , in Wi-Fi chips manufactured by Broadcom and Cypress expose over a billion devices to hack. This serious flaw, assigned CVE-2019-15126, causes vulnerable devices to use an all-zero encryption key to encrypt part of the user’s communication.” ” continues ESET.

Encryption

Encryption Wireless Manufacturing Advertising

Security Affairs newsletter Round 422 by Pierluigi Paganini – International edition

Security Affairs

JUNE 4, 2023

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Spyware

Spyware Hacking Malware Social Engineering

MY TAKE: Why ‘basic research’ is so vital to bringing digital transformation to full fruition

The Last Watchdog

MARCH 17, 2021

Brent Waters, a rock star computer scientist at the University of Texas, enthusiastically accepted a distinguished scientist post to continue his award-winning studies on a couple of breakthrough areas of cryptography: attribute-based encryption and functional encryption. More about these paradigm shifters below. Need to know basis.

Digital transformation

Digital transformation Encryption Technology Mobile

miniOrange’s WordPress Social Login and Register plugin was affected by a critical auth bypass bug

Security Affairs

JUNE 29, 2023

A critical authentication bypass flaw in miniOrange’s WordPress Social Login and Register plugin, can allow gaining access to any account on a site. “This is due to insufficient encryption on the user being supplied during a login validated through the plugin. The flaw, tracked as CVE-2023-2982 (CVSS Score : 9.8)

Firewall

Firewall Authentication Encryption Accountability

Retail giant Home Depot agrees to a $17.5 million settlement over 2014 data breach

Security Affairs

NOVEMBER 25, 2020

“Retailers must take meaningful steps to protect consumers’ credit and debit card information from theft when they shop,” said Massachusetts AG Maura Healey. SecurityAffairs – hacking, Data breach). million settlement over 2014 data breach appeared first on Security Affairs. ” . .

Retail

Retail Data breaches Penetration Testing Password Management

Terrapin attack allows to downgrade SSH protocol security

Security Affairs

JANUARY 2, 2024

. “The attack can be performed in practice, allowing an attacker to downgrade the connection’s security by truncating the extension negotiation message (RFC8308) from the transcript. Another pre-requirement is that the connection must be secured by either ChaCha20-Poly1305 or CBC with Encrypt-then-MAC.

Authentication

Authentication Encryption Hacking Information Security

USBAnywhere BMC flaws expose Supermicro servers to hack

Security Affairs

SEPTEMBER 3, 2019

When accessed remotely, the virtual media service allows plaintext authentication, sends most traffic unencrypted, uses a weak encryption algorithm for the rest, and is susceptible to an authentication bypass. The post USBAnywhere BMC flaws expose Supermicro servers to hack appeared first on Security Affairs.

Hacking

Hacking Firmware Media Authentication

Owowa, a malicious IIS Server module used to steal Microsoft Exchange credentials

Security Affairs

DECEMBER 15, 2021

Once a user has successfully authenticated on the OWA authentication web page, the Owawa module captures its credential. The module verifies the successful authentication by checking that the OWA application is sending an authentication token back to the user. SecurityAffairs – hacking, Owowa). Pierluigi Paganini.

Encryption

Encryption Authentication Passwords Internet

North Korea-linked APT Lazarus is using a MagicLine4NX zero-day flaw in supply chain attack

Security Affairs

NOVEMBER 25, 2023

MagicLine4NX is a joint certificate program developed by Dream Security, a South Korean company. . “In March 2023, cyber actors used the software vulnerabilities of security authentication and network-linked systems in series to gain unauthorised access to the intranet of a target organisation.”

Software

Software Authentication Internet Internet

Cryptocurrencies and cybercrime: A critical intermingling

Security Affairs

APRIL 26, 2024

In particular, ransomware, which encrypts users’ data and demands a cryptocurrency ransom for their release or to avoid a dataleak, is becoming increasingly prevalent, causing financial and operational damage to individuals and businesses worldwide. Education improves awareness” is his slogan.

Cryptocurrency

Cryptocurrency Cybercrime Education Scams

15 Cybersecurity Measures for the Cloud Era

Security Affairs

APRIL 8, 2022

Authentication. Two-factor authentication is another important security measure for the cloud era. Increasingly, passwordless authentication is becoming the norm. Not all providers are created equal, and it’s important to do your research to find one that will meet your specific needs and security requirements.

Cybersecurity

Cybersecurity Passwords Penetration Testing Encryption

Fortinet VPN with default certificate exposes 200,000 businesses to hack

Security Affairs

SEPTEMBER 25, 2020

According to SAM Seamless Network , over 200,000 businesses are using Fortigate VPN with default settings, exposing them to the risk of a hack. The configuration of the VPN solutions is important to keep organizations secure and to avoid dangerous surprises. SecurityAffairs – hacking, Fortigate VPN). Pierluigi Paganini.

VPN

VPN Hacking IoT Advertising

Experts released PoC exploit for Fortra GoAnywhere MFT flaw CVE-2024-0204

Security Affairs

JANUARY 24, 2024

Researchers released PoC exploit code for a recently disclosed critical authentication bypass flaw in Fortra’s GoAnywhere MFT (Managed File Transfer). The security experts also published a proof-of-concept (PoC) exploit that allows the creation of new admin users on vulnerable instances exposed online.

Authentication

Authentication Hacking Engineering Encryption

Most of Exim email servers could be hacked by exploiting 21Nails flaws

Security Affairs

MAY 4, 2021

If you want to receive the weekly Security Affairs Newsletter for free subscribe here. SecurityAffairs – hacking, 21Nails flaws). The post Most of Exim email servers could be hacked by exploiting 21Nails flaws appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Hacking

Hacking Software Engineering Encryption

Microsoft releases out-of-band update to fix Kerberos auth issues caused by a patch for CVE-2022-37966

Security Affairs

NOVEMBER 23, 2022

Microsoft released an out-of-band update to fix problems tied to a recent Windows security patch that caused Kerberos authentication issues. Microsoft released an out-of-band update to address issues caused by a recent Windows security patch that causes Kerberos authentication problems. Pierluigi Paganini.

Authentication

Authentication Encryption Hacking Accountability

Microsoft publishes mitigations for the PetitPotam attack

Security Affairs

JULY 26, 2021

A few days ago, security researcher Gilles Lionel (aka Topotam ) has discovered a vulnerability in the Windows operating system that allows an attacker to force remote Windows machines to authenticate and share their password hashes with him. Guidance at [link] — Security Response (@msftsecresponse) July 24, 2021.

Authentication

Authentication Passwords Encryption Hacking

Statc Stealer, a new sophisticated info-stealing malware

Security Affairs

AUGUST 10, 2023

The infection chain starts when victims are tricked into clicking on an ads that appears like an authentic Google advertisement. Once Statc Stealer steals the user’s data, it encrypts the data, puts it in a text file, and stores it in the Temp folder.

Malware

Malware Encryption Advertising Cryptocurrency

The importance of computer identity in network communications: how to protect it and prevent its theft

Security Affairs

DECEMBER 9, 2020

The confidentiality of information in internet communications. Internet communications use the protocol called TCP/IP (Transmission Control Protocol/Internet Protocol), which allows information to be transmitted from one computer to another through a series of intermediate computers and networks. Mutual authentication of interlocutors.

Authentication

Authentication Encryption Passwords Social Engineering

Cisco urges to patch actively exploited IOS zero-day CVE-2023-20109

Security Affairs

SEPTEMBER 28, 2023

The vulnerability resides in the Group Encrypted Transport VPN (GET VPN) feature of IOS and IOS XE. A remote attacker can trigger the vulnerability to gain arbitrary code execution. The issue can be exploited only by an attacker who has valid credentials and administrative control over a group member or a key server.

VPN

VPN Software Encryption Authentication

Experts published PoC exploits for Arcserve UDP authentication bypass issue

MY TAKE: Agile cryptography is coming, now that ‘attribute-based encryption’ is ready for prime time

Webinars

Trending Sources

Attackers use encrypted RPMSG messages in Microsoft 365 targeted phishing attacks

Webinars

Over 92,000 Internet-facing D-Link NAS devices can be easily hacked

New Hive ransomware variant is written in Rust and use improved encryption method

GoTo revealed that threat actors stole customers’ backups and encryption key for some of them

GUEST ESSAY : Advanced tech to defend API hacking is now readily available to SMBs

LastPass revealed that intruders had internal access for four days during the August hack

Akira ransomware gang spotted targeting Cisco VPN products to hack organizations

Apple created post-quantum cryptographic protocol PQ3 for iMessage

Over 500K MikroTik RouterOS systems potentially exposed to hacking due to critical flaw

Akira ransomware received $42M in ransom payments from over 250 victims

Phorpiex botnet sent millions of phishing emails to deliver LockBit Black ransomware

Poland’s authorities investigate a hacking attack on country’s railways

GravityRAT returns disguised as an end-to-end encrypted chat app

How to hack Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash

FragAttacks vulnerabilities expose all WiFi devices to hack

5 Ways artificial intelligence Is Being Used to Keep Sensitive Information Secure

9 Possible Ways Hackers Can Use Public Wi-Fi to Steal Your Sensitive Data

Team Liquid’s wiki leak exposes 118K users

Watch out, a new critical flaw affects Fortra GoAnywhere MFT

B. Braun Infusomat pumps could be hacked to alter medication doses

Multiple Brocade SANnav SAN Management SW flaws allow device compromise

DRAGONBLOOD flaws allow hacking WPA3 protected WiFi passwords

3.4 Million user records from LiveAuctioneers hack available for sale

Kr00k Wi-Fi Encryption flaw affects more than a billion devices

Security Affairs newsletter Round 422 by Pierluigi Paganini – International edition

MY TAKE: Why ‘basic research’ is so vital to bringing digital transformation to full fruition

miniOrange’s WordPress Social Login and Register plugin was affected by a critical auth bypass bug

Retail giant Home Depot agrees to a $17.5 million settlement over 2014 data breach

Terrapin attack allows to downgrade SSH protocol security

USBAnywhere BMC flaws expose Supermicro servers to hack

Owowa, a malicious IIS Server module used to steal Microsoft Exchange credentials

North Korea-linked APT Lazarus is using a MagicLine4NX zero-day flaw in supply chain attack

Cryptocurrencies and cybercrime: A critical intermingling

15 Cybersecurity Measures for the Cloud Era

Fortinet VPN with default certificate exposes 200,000 businesses to hack

Experts released PoC exploit for Fortra GoAnywhere MFT flaw CVE-2024-0204

Most of Exim email servers could be hacked by exploiting 21Nails flaws

Microsoft releases out-of-band update to fix Kerberos auth issues caused by a patch for CVE-2022-37966

Microsoft publishes mitigations for the PetitPotam attack

Statc Stealer, a new sophisticated info-stealing malware

The importance of computer identity in network communications: how to protect it and prevent its theft

Cisco urges to patch actively exploited IOS zero-day CVE-2023-20109

Stay Connected