Authentication, Hacking and Software - Cyber Security Informer

Microsoft Patch Tuesday, November 2024 Edition

Krebs on Security

NOVEMBER 12, 2024

Microsoft today released updates to plug at least 89 security holes in its Windows operating systems and other software. The second bug fixed this month that is already seeing in-the-wild exploitation is CVE-2024-43451 , a spoofing flaw that could reveal Net-NTLMv2 hashes , which are used for authentication in Windows environments.

Authentication

Authentication Engineering Malware Passwords

DOGE as a National Cyberattack

Schneier on Security

FEBRUARY 13, 2025

DOGE personnel are also reported to be feeding Education Department data into artificial intelligence software, and they have also started working at the Department of Energy. But given that DOGE workers have already copied data and possibly installed and modified software, it’s unclear how this fixes anything.

Government

Government Artificial Intelligence Banking Software

Latest on the SVR’s SolarWinds Hack

Schneier on Security

JANUARY 5, 2021

The New York Times has an in-depth article on the latest information about the SolarWinds hack (not a great name, since it’s much more far-reaching than that). There is also no indication yet that any human intelligence alerted the United States to the hacking. The October files, distributed to customers on Oct.

Hacking

Hacking System Administration Software Surveillance

News alert: INE secures spot in G2’s 2025 Top 50 education software rankings

The Last Watchdog

FEBRUARY 25, 2025

This category of awards ranks the worlds top 50 software education products based on authentic reviews from more than 100 million G2 users. Warn “We are thrilled to be recognized for a second consecutive year by G2’s Best Software Awards, said Dara Warn, CEO of INE. Cary, NC, Feb.

Education

Education Software Small Business Cybersecurity

Microsoft to Require Multi-Factor Authentication for Cloud Solution Providers

Krebs on Security

JUNE 28, 2019

says it will soon force all Cloud Solution Providers (CSPs) that help companies manage their Office365 accounts to use multi-factor authentication. But many companies partner with a CSP simply to gain more favorable pricing on software licenses — not necessarily to have someone help manage their Azure/O365 systems.

Authentication

Authentication Accountability Data breaches Software

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Krebs on Security

JUNE 15, 2024

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider , a cybercrime group suspected of hacking into Twilio , LastPass , DoorDash , Mailchimp , and nearly 130 other organizations over the past two years. man arrested was a SIM-swapper who went by the alias “ Tyler.”

Hacking

Hacking Cybercrime Phishing Passwords

Oracle confirms the hack of two obsolete servers hacked. No Oracle Cloud systems or customer data were affected

Security Affairs

APRIL 10, 2025

The hacker has published 10,000 customer records, a file showing Oracle Cloud access, user credentials, and an internal video as proof of the hack. ” BleepingComputer also reported that multiple companies confirmed the leaked Oracle data as authentic, including accurate LDAP names, emails, and other identifiers. Oracle Corp.

Hacking

Hacking Data breaches Encryption Authentication

More than 2,000 Palo Alto Networks firewalls hacked exploiting recently patched zero-days

Security Affairs

NOVEMBER 21, 2024

Threat actors already hacked thousands of Palo Alto Networks firewalls exploiting recently patched zero-day vulnerabilities. CVE-2024-0012 is a vulnerability in Palo Alto Networks PAN-OS that allows unauthenticated attackers with network access to the management web interface to bypass authentication and gain administrator privileges.

Firewall

Firewall Hacking VPN Authentication

Kaseya Left Customer Portal Vulnerable to 2015 Flaw in its Own Software

Krebs on Security

JULY 8, 2021

The attackers exploited a vulnerability in software from Kaseya , a Miami-based company whose products help system administrators manage large networks remotely. “It’s a patch for their own software. “This is worse because the CVE calls for an authenticated user,” Holden said. And it’s not zero-day.

Software

Software Ransomware System Administration Authentication

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

FEBRUARY 26, 2023

Media coverage understandably focused on GoDaddy’s admission that it suffered three different cyberattacks over as many years at the hands of the same hacking group. The key works without the need for any special software drivers. Thus, the second factor cannot be phished, either over the phone or Internet.

Hacking

Hacking Social Engineering Phishing Scams

Citrix addressed NetScaler console privilege escalation flaw

Security Affairs

FEBRUARY 20, 2025

The company pointed out that only authenticated users with existing access to the NetScaler Console can exploit this vulnerability. “The issue arises due to inadequate privilege management and could be exploited by an authenticated malicious actor to execute commands without additional authorization. NetScaler Console 14.1

Authentication

Authentication Software Hacking Information Security

HPE fixed multiple flaws in its StoreOnce software

Security Affairs

JUNE 4, 2025

These issues could allow remote code execution, authentication bypass, data leaks, and more. “Potential security vulnerabilities have been identified in HPE StoreOnce Software.” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Hewlett Packard Enterprise)

Software

Software Backups Authentication Hacking

Palo Alto Networks fixed multiple privilege escalation flaws

Security Affairs

JUNE 14, 2025

The most severe vulnerability, tracked as CVE-2025-4232 (CVSS score of 7.1), is an authenticated code injection through wildcard on macOS. The company also addressed a PAN-OS Authenticated Admin Command Injection Vulnerability, tracked as CVE-2025-4231 (CVSS score of 6.1), in the Management Web Interface. ” reads the advisory.

Authentication

Authentication Hacking Software Risk

Roundcube Webmail under fire: critical exploit found after a decade

Security Affairs

JUNE 4, 2025

has been discovered in the Roundcube webmail software. allows remote code execution by authenticated users because the _from parameter in a URL is not validated in program/actions/settings/upload.php, leading to PHP Object Deserialization.” A critical flaw, tracked as CVE-2025-49113 (CVSS score of 9.9) x before 1.6.11

Authentication

Authentication Risk Hacking Technology

GUEST ESSAY: Where we stand on mitigating software risks associated with fly-by-wire jetliners

The Last Watchdog

AUGUST 29, 2023

The threat of bad actors hacking into airplane systems mid-flight has become a major concern for airlines and operators worldwide. Back in 2015, a security researcher decided to make that very point when he claimed to have hacked a plane , accessed the thrust system, and made it fly higher than intended.

Software

Software Risk Artificial Intelligence Cyber Attacks

CrushFTP CVE-2025-2825 flaw actively exploited in the wild

Security Affairs

APRIL 1, 2025

Threat actors are exploiting a critical authentication bypass vulnerability, tracked as CVE-2025-2825 , in the CrushFTP file transfer software. The file transfer software maker CrushFTP urge customers to take immediate action to address the vulnerability. The vulnerability impacts CrushFTP versions 10.0.0 through 10.8.3

Authentication

Authentication Software Ransomware Hacking

U.S. CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

OCTOBER 19, 2024

Veeam Backup & Replication is a comprehensive data protection and disaster recovery software developed by Veeam. Attackers accessed targets via VPN gateways lacking multifactor authentication, some of which ran outdated software. Some of these VPNs were running unsupported software versions.” reads the advisory.

Backups

Backups VPN Ransomware Authentication

FBI Hacker Dropped Stolen Airbus Data on 9/11

Krebs on Security

SEPTEMBER 13, 2023

Info-stealers like RedLine typically are deployed via opportunistic email malware campaigns, and by secretly bundling the trojans with cracked versions of popular software titles made available online. Also, unless you really know what you’re doing, please don’t download and install pirated software. Microsoft Corp.

Cybercrime

Cybercrime Passwords Authentication Malware

Q&A: SolarWinds, Mimecast hacks portend intensified third-party, supply-chain compromises

The Last Watchdog

JANUARY 25, 2021

SolarWinds and Mimecast are long-established, well-respected B2B suppliers of essential business software embedded far-and-wide in company networks. Thanks to a couple of milestone hacks disclosed at the close of 2020 and start of 2021, they will forever be associated with putting supply-chain vulnerabilities on the map.

Hacking

Hacking B2B Authentication Software

Internet Archive data breach impacted 31M users

Security Affairs

OCTOBER 11, 2024

.” The Internet Archive is an American nonprofit digital library website that provides free access to collections of digitized materials including websites, software applications, music, audiovisual, and print materials. Starting from Wednesday, the website archive.org was displaying a message informing visitors that it was hacked.

Data breaches

Data breaches Internet Internet DDOS

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

Krebs on Security

FEBRUARY 10, 2020

Justice Department today unsealed indictments against four Chinese officers of the People’s Liberation Army (PLA) accused of perpetrating the 2017 hack against consumer credit bureau Equifax that led to the theft of personal data on nearly 150 million Americans.

Hacking

Hacking Identity Theft Government Phishing

VMware Flaw a Vector in SolarWinds Breach?

Krebs on Security

DECEMBER 18, 2020

government cybersecurity agencies warned this week that the attackers behind the widespread hacking spree stemming from the compromise at network software firm SolarWinds used weaknesses in other, non-SolarWinds products to attack high-value targets. National Security Agency (NSA) warned on Dec. ” Indeed, the NSA’s Dec.

Software

Software Authentication Hacking Government

International law enforcement operation dismantled RedLine and Meta infostealers

Security Affairs

OCTOBER 29, 2024

The two infostealers allowed operators to harvest usernames, passwords, contact info, and crypto-wallets from victims, the threat actors sold this data to criminals for financial theft and hacking. Update software : Keep your operating system, security software, and firewall up to date to patch vulnerabilities.

Identity Theft

Identity Theft Passwords Malware Banking

Ivanti fixed a maximum severity vulnerability in its CSA solution

Security Affairs

DECEMBER 11, 2024

Ivanti addressed a critical authentication bypass vulnerability impacting its Cloud Services Appliance (CSA) solution. Ivanti addressed a critical authentication bypass vulnerability, tracked as CVE-2024-11639 (CVSS score of 10), in its Cloud Services Appliance (CSA) solution. that the software firm addressed in September.

Authentication

Authentication Software Hacking Information Security

Japan ’s FSA warns of unauthorized trades via stolen credentials from fake security firms’ sites

Security Affairs

APRIL 22, 2025

Japan s Financial Services Agency (FSA) warns of hundreds of millions in unauthorized trades linked to hacked brokerage accounts. Keeping devices updated and using reliable antivirus software also helps prevent malware-related data theft. from fake websites (phishing sites) disguised as websites of real securities companies.”

Financial Services

Financial Services Passwords Accountability Antivirus

Sansec uncovered a supply chain attack via 21 backdoored Magento extensions

Security Affairs

MAY 5, 2025

Sansec researchers reported that multiple vendors were hacked in a coordinated supply chain attack, the experts discovered that a backdoor was hidden in 21 applications. “Hundreds of stores, including a $40 billion multinational, are running backdoored versions of popular ecommerce software. ” continues the report.

eCommerce

eCommerce Hacking Authentication Software

Palo Alto Networks warns that CVE-2025-0111 flaw is actively exploited in attacks

Security Affairs

FEBRUARY 19, 2025

The vulnerability CVE-2025-0111 is a file read issue in PAN-OS, an authenticated attacker with network access to the management web interface could exploit the flaw to read files that are readable by the “nobody” user. Palo Alto Networks addressed the flaw CVE-2025-0111 on February 12, 2025. In November 2024, the U.S.

Firewall

Firewall Authentication Architecture Internet

Veeam Backup & Replication exploit reused in new Frag ransomware attack

Security Affairs

NOVEMBER 9, 2024

Veeam Backup & Replication is a comprehensive data protection and disaster recovery software developed by Veeam. Attackers accessed targets via VPN gateways lacking multifactor authentication, some of which ran outdated software. Some of these VPNs were running unsupported software versions.” reads the advisory.

Backups

Backups Ransomware VPN Accountability

SAP June 2025 Security Patch Day fixed critical NetWeaver bug

Security Affairs

JUNE 10, 2025

. “RFC inbound processing does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.” ” The flaw resides in SAP’s Remote Function Call (RFC) framework lets authenticated attackers bypass key checks and escalate privileges, risking app integrity and availability.

Authentication

Authentication Hacking Software Risk

What We Can Learn from the Capital One Hack

Krebs on Security

AUGUST 2, 2019

Evan Johnson , manager of the product security team at Cloudflare , recently penned an easily digestible column on the Capital One hack and the challenges of detecting and blocking SSRF attacks targeting cloud services. “SSRF has become the most serious vulnerability facing organizations that use public clouds,” Johnson wrote.

Hacking

Hacking Firewall Data breaches Software

Palo Alto Networks fixed a high-severity PAN-OS flaw

Security Affairs

DECEMBER 27, 2024

Palo Alto Networks addressed a high-severity flaw, tracked as CVE-2024-3393 (CVSS score: 8.7), in PAN-OS software that could cause a denial-of-service (DoS) condition. when access is limited to authenticated end users via Prisma Access. Repeated exploitation forces the firewall into maintenance mode. ” reads the advisory.

DNS

DNS Firewall Spyware Software

Cisco fixed tens of vulnerabilities, including an actively exploited one

Security Affairs

OCTOBER 24, 2024

An attacker could exploit this vulnerability by sending a large number of VPN authentication requests to an affected device. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking , CISCO ASA) “This vulnerability is due to resource exhaustion. ” reads the advisory.

VPN

VPN Firewall Passwords Software

Experts released PoC exploit for critical Progress Software OpenEdge bug

Security Affairs

MARCH 11, 2024

Researchers released technical specifics and a PoC exploit for a recently disclosed flaw in Progress Software OpenEdge Authentication Gateway and AdminServer. ” The vulnerability CVE-2024-1403 (CVSS score 10) is an authentication bypass issue that impacts OpenEdge versions 11.7.18 Researchers from Horizon3.ai

Software

Software Authentication Passwords Engineering

Cisco states that the second data leak is linked to the one from October

Security Affairs

DECEMBER 30, 2024

Cisco confirmed the authenticity of the 4GB of leaked data, the data was compromised in a recent security breach, marking the second leak in the incident. Cisco confirmed the authenticity of the 4GB of leaked data, which was compromised in a recent security breach, marking it as the second leak in the incident.

Data breaches

Data breaches Cybercrime Authentication Technology

How Hacker's hack Android Devices

Hacker's King

JANUARY 8, 2025

You may also like to read: How Hackers Spy On Hacked Phone? How To Detect and Secure Yourself Hacker's Most Preferred Hacking Techniques These techniques can be described as the most liked techniques of users to hack Android devices. By using this technique, hackers extract any information required to hack your Android device.

Hacking

Hacking Spyware Antivirus Passwords

Attackers exploit recently disclosed Palo Alto Networks PAN-OS firewalls bug

Security Affairs

FEBRUARY 15, 2025

“ An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required by the PAN-OS management web interface and invoke certain PHP scripts. ” reads the report published by Assetnote.

Firewall

Firewall Authentication Architecture Risk

North Korea-linked APT Moonstone used Qilin ransomware in limited attacks

Security Affairs

MARCH 10, 2025

Moonstone Sleet threat actors target financial and cyberespionage victims using trojanized software, custom malware, malicious games, and fake companies like StarGlow Ventures and C.C. Additionally, they attempt to infiltrate organizations by posing as software developers seeking employment.

Ransomware

Ransomware Healthcare VPN Malware

Critical Veeam Backup Enterprise Manager authentication bypass bug

Security Affairs

MAY 22, 2024

A critical security vulnerability in Veeam Backup Enterprise Manager could allow threat actors to bypass authentication. A critical vulnerability, tracked as CVE-2024-29849 (CVSS score: 9.8), in Veeam Backup Enterprise Manager could allow attackers to bypass authentication.

Backups

Backups Authentication Accountability Software

U.S. CISA adds Progress Kemp LoadMaster, Palo Alto Networks PAN-OS and Expedition bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

NOVEMBER 19, 2024

CVE-2024-0012 is a vulnerability in Palo Alto Networks PAN-OS that allows unauthenticated attackers with network access to the management web interface to bypass authentication and gain administrator privileges. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, CISA )

Authentication

Authentication Firewall Risk Hacking

Gift Card Gang Extracts Cash From 100k Inboxes Daily

Krebs on Security

SEPTEMBER 2, 2021

The data in this story come from a trusted source in the security industry who has visibility into a network of hacked machines that fraudsters in just about every corner of the Internet are using to anonymize their malicious Web traffic. mail server responds “OK” = successful access).

Accountability

Accountability Authentication Passwords Hacking

U.S. CISA adds Trimble Cityworks flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

FEBRUARY 7, 2025

Trimble Cityworks is a GIS-centric asset management and permitting software designed for local governments, utilities, and public works organizations. “Successful exploitation of this vulnerability could allow an authenticated user to perform a remote code execution.” ” reads the CISA’s advisory.

Authentication

Authentication Internet Internet Government

Glove Stealer bypasses Chrome’s App-Bound Encryption to steal cookies

Security Affairs

NOVEMBER 15, 2024

Glove Stealer is a.NET-based information stealer that targets browser extensions and locally installed software to steal sensitive data. The malware could harvest a huge trove of data from infected systems, including cookies, autofill, cryptocurrency wallets, 2FA authenticators, password managers, and email client information.

Encryption

Encryption Password Management Cryptocurrency Social Engineering

Hundred of CISCO switches impacted by bootloader flaw

Security Affairs

DECEMBER 5, 2024

Cisco released security patches for a vulnerability, tracked as CVE-2024-20397 (CVSS score of 5.2), in the NX-OS softwares bootloader that could be exploited by attackers to bypass image signature verification. “A successful exploit could allow the attacker to bypassNX-OSimage signature verificationand loadunverified software.”

Software

Software Authentication Hacking Information Security

Hacking Kia: Remotely Controlling Cars with Just a License Plate

Hacker's King

NOVEMBER 16, 2024

How the Hack Works Many modern cars, including those from Kia, use telematics systems that connect to mobile apps and cloud-based services for convenience features like remote start or door unlocking. The company is working on updating its software and strengthening encryption to protect against unauthorized access.

Hacking

Hacking Mobile Encryption Authentication

Microsoft Patch Tuesday, November 2024 Edition

DOGE as a National Cyberattack

Trending Sources

Latest on the SVR’s SolarWinds Hack

News alert: INE secures spot in G2’s 2025 Top 50 education software rankings

Microsoft to Require Multi-Factor Authentication for Cloud Solution Providers

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Oracle confirms the hack of two obsolete servers hacked. No Oracle Cloud systems or customer data were affected

More than 2,000 Palo Alto Networks firewalls hacked exploiting recently patched zero-days

Kaseya Left Customer Portal Vulnerable to 2015 Flaw in its Own Software

When Low-Tech Hacks Cause High-Impact Breaches

Citrix addressed NetScaler console privilege escalation flaw

HPE fixed multiple flaws in its StoreOnce software

Palo Alto Networks fixed multiple privilege escalation flaws

Roundcube Webmail under fire: critical exploit found after a decade

GUEST ESSAY: Where we stand on mitigating software risks associated with fly-by-wire jetliners

CrushFTP CVE-2025-2825 flaw actively exploited in the wild

U.S. CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog

FBI Hacker Dropped Stolen Airbus Data on 9/11

Q&A: SolarWinds, Mimecast hacks portend intensified third-party, supply-chain compromises

Internet Archive data breach impacted 31M users

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

VMware Flaw a Vector in SolarWinds Breach?

International law enforcement operation dismantled RedLine and Meta infostealers

Ivanti fixed a maximum severity vulnerability in its CSA solution

Japan ’s FSA warns of unauthorized trades via stolen credentials from fake security firms’ sites

Sansec uncovered a supply chain attack via 21 backdoored Magento extensions

Palo Alto Networks warns that CVE-2025-0111 flaw is actively exploited in attacks

Veeam Backup & Replication exploit reused in new Frag ransomware attack

SAP June 2025 Security Patch Day fixed critical NetWeaver bug

What We Can Learn from the Capital One Hack

Palo Alto Networks fixed a high-severity PAN-OS flaw

Cisco fixed tens of vulnerabilities, including an actively exploited one

Experts released PoC exploit for critical Progress Software OpenEdge bug

Cisco states that the second data leak is linked to the one from October

How Hacker's hack Android Devices

Attackers exploit recently disclosed Palo Alto Networks PAN-OS firewalls bug

North Korea-linked APT Moonstone used Qilin ransomware in limited attacks

Critical Veeam Backup Enterprise Manager authentication bypass bug

U.S. CISA adds Progress Kemp LoadMaster, Palo Alto Networks PAN-OS and Expedition bugs to its Known Exploited Vulnerabilities catalog

Gift Card Gang Extracts Cash From 100k Inboxes Daily

U.S. CISA adds Trimble Cityworks flaw to its Known Exploited Vulnerabilities catalog

Glove Stealer bypasses Chrome’s App-Bound Encryption to steal cookies

Hundred of CISCO switches impacted by bootloader flaw

Hacking Kia: Remotely Controlling Cars with Just a License Plate

Stay Connected