Security Affairs

OCTOBER 20, 2024

An authenticated attacker, with Manager role privileges or higher, could exploit the vulnerability CVE-2024-45844 to elevate privileges and compromise the BIG-IP system. “An authenticated attacker may exploit this vulnerability by storing malicious HTML or JavaScript code in the BIG-IQ user interface.

Authentication 138

Authentication Hacking Technology Information Security 138

Security Affairs

FEBRUARY 20, 2025

The company pointed out that only authenticated users with existing access to the NetScaler Console can exploit this vulnerability. “The issue arises due to inadequate privilege management and could be exploited by an authenticated malicious actor to execute commands without additional authorization. NetScaler Console 14.1

Authentication 120

Authentication Software Hacking Information Security 120

Security Affairs

OCTOBER 21, 2024

The Internet Archive was breached again, attackers hacked its Zendesk email support platform through stolen GitLab authentication tokens. Internet Archive Zendesk emails sent by the threat actor Source: BleepingComputer The message highlights a poor security posture by the Internet Archive.

Internet 130

Internet Internet Data breaches Authentication 130

Security Affairs

APRIL 18, 2025

ASUS warns of an authentication bypass vulnerability in routers with AiCloud enabled that could allow unauthorized execution of functions on the device. ASUS warns of an authentication bypass vulnerability, tracked as CVE-2025-2492 (CVSS v4 score: 9.2), which impacts routers with AiCloud enabled.

Firmware 117

Firmware Authentication Passwords VPN 117

Security Affairs

FEBRUARY 24, 2025

A botnet of 130,000+ devices is attacking Microsoft 365 accounts via password-spraying, bypassing MFA by exploiting basic authentication. The attackers targeted accounts protected with basic authentication bypassing multi-factor authentication. Despite Microsoft phasing it out, it remains an active security risk.

Passwords 122

Passwords Accountability Authentication Malware 122

Security Affairs

JUNE 12, 2025

Over 40,000 internet-exposed security cameras worldwide are vulnerable to remote hacking, posing serious privacy and security risks. Bitsight warns that over 40,000 security cameras worldwide are exposed to remote hacking due to unsecured HTTP or RTSP (Real-Time Streaming Protocol) access.

Hacking 67

Hacking Telecommunications Internet Internet 67

Security Affairs

MAY 24, 2025

. “Implement basic cyber hygiene to include being suspicious, robust passwords, multifactor authentication, and installation of antivirus tools.” ” concludes the report.

Social Engineering 114

Social Engineering Antivirus Phishing Engineering 114

Security Affairs

NOVEMBER 7, 2024

CVE-2024-43093 CVE-2024-43047″ reads the security bulletin published by Google. Additionally, Expedition provides automation and best practice adoption to improve security posture and operational efficiency. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, CISA )

Firewall 127

Firewall Authentication Accountability Risk 127

Security Affairs

OCTOBER 12, 2024

Since April 2021, Russian state-sponsored hackers have exploited vulnerabilities, including Zimbra’s CVE-2022-27924 for injecting commands to access credentials and emails, and JetBrains TeamCity’s CVE-2023-42793 for arbitrary code execution through an authentication bypass.

Data collection 138

Data collection Authentication Government Hacking 138

Security Affairs

NOVEMBER 13, 2024

is a buffer overflow issue that an authenticated attacker could exploit. “Buffer overflow in some Zoom Apps may allow an authenticated user to conduct an escalation of privilege via network access.” is an improper input validation issue that can be exploited remotely without authentication.

Authentication 116

Authentication Mobile Hacking Information Security 116

Security Affairs

OCTOBER 19, 2024

Attackers accessed targets via VPN gateways lacking multifactor authentication, some of which ran outdated software. In each of the cases, attackers initially accessed targets using compromised VPN gateways without multifactor authentication enabled. Overlapping indicators link these cases to prior Fog and Akira ransomware attacks.

Backups 132

Backups VPN Ransomware Authentication 132

Security Affairs

DECEMBER 6, 2024

Cybersecurity and Infrastructure Security Agency (CISA)added the CyberPanelflaw CVE-2024-51378 (CVSS score: 10.0) Remote attackers could bypass authentication and execute arbitrary commands by exploiting a flaw in secMiddleware , which only validates POST requests. to its Known Exploited Vulnerabilities (KEV) catalog. and ftp/views.py.

DNS 110

DNS Authentication Ransomware Hacking 110

Security Affairs

FEBRUARY 16, 2025

” Device code phishing attacks exploit authentication flows to steal tokens, granting attackers access to accounts and data. Upon clicking the meeting invitation embedded in the message, recipients are prompted to authenticate using a threat actor-generated device code. ” continues the report.

Phishing 116

Phishing Authentication Telecommunications Accountability 116

Security Affairs

NOVEMBER 26, 2024

Attackers can exploit the SSL VPN gateway by accessing the filesystem via an HTTP header flags attribute and a vulnerable URL without authentication. An attacker can browse the filesystem on the SSL VPN gateway using a flags attribute in an HTTP header without authentication. ” reads the advisory.

VPN 112

VPN Authentication Hacking Risk 112

Security Affairs

MAY 28, 2025

GreyNoisediscovered the AyySSHush botnet has hacked over 9,000 ASUS routers, adding a persistent SSH backdoor. GreyNoise also found a payload exploiting the authenticated command injection flaw CVE-2023-39780 in ASUS RT-AX55 v3.0.0.4.386.51598 to execute arbitrary system commands. ” states GreyNoise. .

Firmware 135

Firmware Internet Internet Hacking 135

Security Affairs

APRIL 1, 2025

Threat actors are exploiting a critical authentication bypass vulnerability, tracked as CVE-2025-2825 , in the CrushFTP file transfer software. that may allow unauthenticated remote attackers to bypass authentication via HTTP(S) requests. Attackers are using exploits based on publicly available proof-of-concept exploit code.

Authentication 119

Authentication Software Ransomware Hacking 119

Security Affairs

JANUARY 8, 2025

SonicWall warns customers to address an authentication bypass vulnerability in its firewall’s SonicOS that is “susceptible to actual exploitation.” ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, SonicOS)

Firewall 116

Firewall Firmware VPN Authentication 116

Security Affairs

MARCH 30, 2025

The vulnerability Ivanti impacted Ivanti Connect Secure, Policy Secure and ZTA Gateways. A local authenticated attacker can trigger the vulnerability to escalate privileges. Ivanti has released an update that addresses one critical and one high vulnerability in Ivanti Connect Secure, Policy Secure and ZTA Gateways.

Malware 123

Malware Authentication Encryption Cybersecurity 123

Security Affairs

APRIL 19, 2025

A remote authenticated attacker can exploit the flaw to inject arbitrary commands as a nobody user, which could potentially lead to arbitrary code execution. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Remote Code Execution) ” reads the advisory. .”

Passwords 108

Passwords Firewall VPN Accountability 108

Security Affairs

APRIL 22, 2025

Japan s Financial Services Agency (FSA) warns of hundreds of millions in unauthorized trades linked to hacked brokerage accounts. from fake websites (phishing sites) disguised as websites of real securities companies.” ” reads the FSA’s alert.

Financial Services 121

Financial Services Passwords Antivirus Accountability 121

Security Affairs

OCTOBER 11, 2024

Starting from Wednesday, the website archive.org was displaying a message informing visitors that it was hacked. Internet Archive hacked. Hunt will add the information of the impacted users to HIBP very soon. Hunt also verified the authenticity of the information included in the stolen archive.

Data breaches 123

Data breaches Internet Internet DDOS 123

Security Affairs

DECEMBER 11, 2024

Ivanti addressed a critical authentication bypass vulnerability impacting its Cloud Services Appliance (CSA) solution. Ivanti addressed a critical authentication bypass vulnerability, tracked as CVE-2024-11639 (CVSS score of 10), in its Cloud Services Appliance (CSA) solution. ” reads the advisory published by the company.

Authentication 106

Authentication Software Hacking Information Security 106

Security Affairs

NOVEMBER 8, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added a Palo Alto Expedition Missing Authentication Vulnerability, tracked as CVE-2024-5910 , to its Known Exploited Vulnerabilities (KEV) catalog. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, RCE)

Firewall 118

Firewall Authentication Internet Internet 118

Security Affairs

FEBRUARY 19, 2025

The vulnerability CVE-2025-0111 is a file read issue in PAN-OS, an authenticated attacker with network access to the management web interface could exploit the flaw to read files that are readable by the “nobody” user. Palo Alto Networks addressed the flaw CVE-2025-0111 on February 12, 2025.

Firewall 107

Firewall Authentication Architecture Internet 107

Security Affairs

MAY 5, 2025

Sansec researchers reported that multiple vendors were hacked in a coordinated supply chain attack, the experts discovered that a backdoor was hidden in 21 applications. “This hack is called a Supply Chain Attack, which is one of the worst types. In versions from 2019 this does not require any authentication.”

eCommerce 96

eCommerce Hacking Authentication Software 96

Security Affairs

MAY 22, 2024

GitHub addressed a vulnerability in the GitHub Enterprise Server (GHES) that could allow an attacker to bypass authentication. GitHub has rolled out security fixes to address a critical authentication bypass issue, tracked as CVE-2024-4985 (CVSS score: 10.0), in the GitHub Enterprise Server (GHES).

Authentication 138

Authentication Encryption Hacking Information Security 138

The Last Watchdog

APRIL 4, 2022

They are often unaware of the risks they take on, which can include hacking, fraud, phishing, and more. SMBs and enterprises alike have been struggling with APIs as a mechanism for information security. The fact that there are so many different APIs is the main challenge for enterprises when it comes to API security.

Hacking 222

Hacking Penetration Testing Data breaches Authentication 222

Security Affairs

JANUARY 30, 2025

.” The researchers noted that the leak could have allowed attackers to take full control of the database and potentially escalate privileges within the DeepSeek environment, without any authentication. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, DeepSeek )

Authentication 122

Authentication Passwords Hacking Risk 122

Security Affairs

JUNE 10, 2025

. “RFC inbound processing does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.” ” The flaw resides in SAP’s Remote Function Call (RFC) framework lets authenticated attackers bypass key checks and escalate privileges, risking app integrity and availability.

Authentication 102

Authentication Hacking Software Risk 102

Security Affairs

FEBRUARY 4, 2025

The two flaws are, respectively, a remote code execution issue and an authentication bypass vulnerability. The unauthenticated RCE security vulnerability PSV-2023-0039 impacts the following product models: XR1000, the issue was fixed in firmware version 1.0.0.74 XR1000v2, the issue was fixed in firmware version 1.1.0.22

Firmware 111

Firmware Authentication Hacking Information Security 111

Security Affairs

MAY 17, 2025

Always confirm authenticity before responding, and contact security officials or the FBI if uncertain. Enable and protect two-factor authentication and never share OTP codes. Use a secret word with family to confirm identities and stay secure. Be cautious of realistic fakes using public photos or voice cloning.

Government 124

Government Social Engineering Authentication Accountability 124

Security Affairs

JANUARY 16, 2025

Over the years, multiple security experts have identified several vulnerabilities in MikroTik routers, such as a remote code execution vulnerability detailed by VulnCheck researchers here. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, MikroTik botnet)

DNS 139

DNS Malware Firmware Authentication 139

Security Affairs

FEBRUARY 15, 2025

. “Organizations relying on PAN-OS firewalls should assume that unpatched devices are being targeted andtake immediate steps to secure them.“ An unauthenticated attacker on the network couple exploit the vulnerability to bypass authentication and invoke certain PHP scripts. ” reads the report published by Assetnote.

Firewall 104

Firewall Authentication Architecture Risk 104

Security Affairs

FEBRUARY 19, 2025

The second vulnerability, tracked CVE-2025-26466 (CVSS score: 5.9), affects both the OpenSSH client and server, allowing a pre-authentication denial-of-service attack. ” The OpenSSH client and server are vulnerable (CVE-2025-26466) to a pre-authentication denial-of-service (DoS) attack.

Authentication 124

Authentication System Administration DNS Hacking 124

Security Affairs

FEBRUARY 18, 2025

Juniper Networks addressed a critical authentication bypass vulnerability, tracked as CVE-2025-21589 (CVSS score of 9.8), affecting its Session Smart Router product. The company discovered the vulnerability during internal product security testing or research. ” reads the advisory.

Authentication 87

Authentication Hacking Information Security 87

SecureWorld News

DECEMBER 12, 2024

The details of the Krispy Kreme hack are still emerging, but the companys Form 8-K filing brought the incident to light, offering a rare glimpse into the challenges businesses face when their systems are compromised. The Krispy Kreme hack is a sobering reminder that no industry is immune to cyber threats.

Password Management 109

Password Management Passwords CISO Cybersecurity 109

Security Affairs

MARCH 18, 2025

The vulnerability is an authentication bypass issue that could allow a remote attacker to gain super-admin privileges by making maliciously crafted CSF proxy requests. An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS 7.0.0 through 7.0.16 and FortiProxy 7.2.0 through 7.2.12, 7.0.0

Authentication 117

Authentication Ransomware Firewall Hacking 117