Security Affairs

OCTOBER 19, 2024

North Korea-linked group APT37 exploited an Internet Explorer zero-day vulnerability in a supply chain attack. “This attack requires an authenticated client to click a link in order for an unauthenticated attacker to initiate remote code execution.”

Internet 143

Internet Internet Engineering Malware 143

Security Affairs

FEBRUARY 19, 2025

The vulnerability CVE-2025-0111 is a file read issue in PAN-OS, an authenticated attacker with network access to the management web interface could exploit the flaw to read files that are readable by the “nobody” user. Palo Alto Networks addressed the flaw CVE-2025-0111 on February 12, 2025.

Firewall 107

Firewall Authentication Architecture Internet 107

Security Affairs

MAY 28, 2025

. “Using an AI powered network traffic analysis tool we built called SIFT, GreyNoise has caught multiple anomalous network payloads with zero-effort that are attempting to disable TrendMicro security features in ASUS routers, then exploit vulnerabilities and novel tradecraft in ASUS AiProtection features on those routers.”

Firmware 135

Firmware Internet Internet Hacking 135

Security Affairs

APRIL 22, 2025

Japan s Financial Services Agency (FSA) reported that the damage caused by unauthorized access to and transactions on internet trading services is increasing. from fake websites (phishing sites) disguised as websites of real securities companies.” ” reads the FSA’s alert.

Financial Services 121

Financial Services Passwords Antivirus Accountability 121

Security Affairs

FEBRUARY 15, 2025

. “Organizations relying on PAN-OS firewalls should assume that unpatched devices are being targeted andtake immediate steps to secure them.“ An unauthenticated attacker on the network couple exploit the vulnerability to bypass authentication and invoke certain PHP scripts. ” reads the report published by Assetnote.

Firewall 104

Firewall Authentication Architecture Risk 104

Security Affairs

SEPTEMBER 9, 2021

Zoho urges customers to address an authentication bypass vulnerability in its ManageEngine ADSelfService Plus that is actively exploited in the wild. Zoho has released a security patch to address an authentication bypass vulnerability, tracked as CVE-2021-40539, in its ManageEngine ADSelfService Plus. Pierluigi Paganini.

Authentication 133

Authentication Password Management Passwords Internet 133

Security Affairs

AUGUST 1, 2024

Shadowserver researchers reported that over 20,000 internet-exposed VMware ESXi instances are affected by the actively exploited flaw CVE-2024-37085. We have started sharing exposed VMware ESXi vulnerable to CVE-2024-37085 (authentication bypass). The flaw is an authentication bypass vulnerability in VMware ESXi. “A

Internet 142

Internet Internet Ransomware Authentication 142

Security Affairs

OCTOBER 24, 2024

The vulnerability is a missing authentication issue in FortiManager and FortiManager Cloud versions, an attacker could execute arbitrary code or commands through specially crafted requests. “A Mandiant urges organizations that may have their FortiManager exposed to the internet to conduct a forensic investigation.

Authentication 133

Authentication Internet Internet Hacking 133

Security Affairs

DECEMBER 17, 2024

The FBI warned of a fresh wave of HiatusRAT malware attacks targeting internet-facing Chinese-branded web cameras and DVRs. In March 2024, threat actors behind this campaign started targeting Internet of Things (IoT) devices in the US, Australia, Canada, New Zealand, and the United Kingdom. ” reads the PIN report.

Architecture 109

Architecture Internet Internet Malware 109

Krebs on Security

AUGUST 23, 2024

The proliferation of new top-level domains (TLDs) has exacerbated a well-known security weakness: Many organizations set up their internal Microsoft authentication systems years ago using domain names in TLDs that didn’t exist at the time. SSL/TLS certs). ” Caturegli said setting up an email server record for memrtcc.ad

DNS 329

DNS Internet Internet Authentication 329

Security Affairs

DECEMBER 19, 2024

.” The experts added that FortiWLM’s verbose logs expose session IDs, enabling attackers to exploit log file read vulnerabilities to hijack sessions and access authenticated endpoints. Authenticated users’ session ID tokens in FortiWLM remain static per device boot. ” concludes the report.

Wireless 106

Wireless Authentication Healthcare Education 106

Security Affairs

JUNE 11, 2025

allows remote code execution by authenticated users because the _from parameter in a URL is not validated in program/actions/settings/upload.php, leading to PHP Object Deserialization.” Researchers at the Shadowserver Foundation warned that roughly 84,000 Roundcube instances exposed on the Internet are still unpatched. x before 1.6.11

Authentication 78

Authentication Internet Internet Risk 78

Security Affairs

MARCH 8, 2024

The three flaws fixed are: CVE-2024-21899 : an improper authentication vulnerability could allow users to compromise the security of the system via a network. CVE-2024-21900 : an injection vulnerability could allow authenticated users to execute commands via a network.

Authentication 136

Authentication Hacking Internet Internet 136

SecureWorld News

DECEMBER 12, 2024

Trey Ford, Chief Information Security Officer at Bugcrowd, observed, "This incident may not have been made public if it wasn't for the Form 8-K requirement." The attack goes to show that, truly, nothing Internet-connected is sacred." Identity security is paramount in today's threat landscape.

Password Management 109

Password Management Passwords CISO Cybersecurity 109

Security Affairs

JANUARY 4, 2024

An internet outage impacted Orange Spain after a hacker gained access to the company’s RIPE account to misconfigure BGP routing. The hacker, who uses the moniker ‘Snow’, gained access to the RIPE account of Orange Spain and misconfigured the BGP routing causing an internet outage.

Internet 133

Internet Internet Accountability Passwords 133

Security Affairs

FEBRUARY 7, 2025

. “Successful exploitation of this vulnerability could allow an authenticated user to perform a remote code execution.” “This could allow an authenticated user to perform a remote code execution attack against a customer’s Microsoft Internet Information Services (IIS) web server.”

Authentication 94

Authentication Internet Internet Government 94

Security Affairs

MAY 26, 2025

Below is the description of the flaws: CVE-2025-4427 (CVSS score: 5.3) An authentication bypass in Endpoint Manager Mobileallowingattackers to access protected resources without proper credentials. Ivanti confirmed that threat actors could chain the two vulnerabilities to achieve remote code execution without authentication.

Mobile 94

Mobile Telecommunications Authentication Internet 94

Daniel Miessler

MAY 14, 2020

I wrote an article recently on how to secure your home network in three different tiers of protection. In that piece I wanted to link to some safe internet practices—which some used to call Safe Hex—but I couldn’t find anything newer than nine years old. Enable two-factor authentication on all critical accounts.

Risk 345

Risk Password Management Passwords Accountability 345

Security Affairs

JANUARY 16, 2025

Over the years, multiple security experts have identified several vulnerabilities in MikroTik routers, such as a remote code execution vulnerability detailed by VulnCheck researchers here. The botnet’s SOCKS proxy setup enables access for hundreds of thousands of compromised machines. ” reads the report published by Infoblox.

DNS 139

DNS Malware Firmware Authentication 139

SecureList

DECEMBER 9, 2024

A previous faulty update had already suggested broader problems with CrowdStrike’s security software at the time, though the problem didn’t receive that much publicity. XZ backdoor to bypass SSH authentication What happened? However, delegating tasks also introduces new information security challenges.

Internet 111

Internet Internet Risk Social Engineering 111

Joseph Steinberg

JANUARY 20, 2022

Zero Trust is a concept, an approach to information security that dramatically deviates from the approach commonly taken at businesses worldwide by security professionals for many years. And, of course, they must know, and be able to strongly authenticate, any human users as well.

Cybersecurity 363

Cybersecurity Artificial Intelligence Ransomware Social Engineering 363

Security Affairs

SEPTEMBER 22, 2022

Threat actors targeted tens thousands of unauthenticated Redis servers exposed on the internet as part of a cryptocurrency campaign. The tool is not designed to be exposed on the Internet, however, researchers spotted tens thousands Redis instance publicly accessible without authentication. ” warns Censys.

Cryptocurrency 120

Cryptocurrency Internet Internet Hacking 120

Zero Day

JUNE 6, 2025

Here's why you don't need it Beyond monitoring your credit, you may want to change your AT&T password and set up multi-factor authentication for your account, if you haven't already done so. Trey Ford, Chief Information Security Officer at crowdsourced cybersecurity firm Bugcrowd offers an interesting take.

Password Management 128

Password Management Passwords Software Artificial Intelligence 128

Security Affairs

JUNE 12, 2025

Over 40,000 internet-exposed security cameras worldwide are vulnerable to remote hacking, posing serious privacy and security risks. Bitsight warns that over 40,000 security cameras worldwide are exposed to remote hacking due to unsecured HTTP or RTSP (Real-Time Streaming Protocol) access.

Hacking 67

Hacking Telecommunications Internet Internet 67

Security Affairs

AUGUST 21, 2023

Ivanti warned customers of a new critical Sentry API authentication bypass vulnerability tracked as CVE-2023-38035. The software company Ivanti released urgent security patches to address a critical-severity vulnerability, tracked as CVE-2023-38035 (CVSS score 9.8), in the Ivanti Sentry (formerly MobileIron Sentry) product.

Authentication 98

Authentication Internet Internet Mobile 98

Security Affairs

APRIL 7, 2024

An attacker can exploit the flaw to achieve command execution on the affected D-Link NAS devices, gain access to potential access to sensitive information, system configuration alteration, or denial of service. Netsecfish reported that over 92,000 Internet-facing devices are vulnerable.

Internet 110

Internet Internet DNS Hacking 110

Security Affairs

MAY 20, 2025

Upon discovering the infection, the company promptly reported it to the Korea Internet & Security Agency (KISA) on Sunday, April 20, sanitized the impacted systems, and isolated the suspected hacking device. No cases of misuse of the information have been confirmed to date. ” SK Telecom announced it will notify 26.95

Malware 108

Malware Mobile Data breaches Wireless 108

Krebs on Security

APRIL 11, 2024

On April 10, Sisense Chief Information Security Officer Sangram Dash told customers the company had been made aware of reports that “certain Sisense company information may have been made available on what we have been advised is a restricted access server (not generally available on the internet.)”

CISO 326

CISO Encryption Telecommunications Financial Services 326

Security Affairs

NOVEMBER 2, 2024

is an inadequate authentication mechanisms that could allow an attacker to access sensitive information like usernames, MD5 password hashes, and configuration data. CVE-2024-8957 (CVSS score of CVSS 7.2) is an OS Command Injection.

Firmware 123

Firmware Manufacturing IoT Healthcare 123

Security Affairs

AUGUST 19, 2024

In Mid-August, Ivanti addressed a critical authentication bypass vulnerability, tracked as CVE-2024-7593 (CVSS score of 9.8), impacting Virtual Traffic Manager (vTM) appliances that can allow attackers to create rogue administrator accounts. Successful exploitation could lead to authentication bypass and creation of an administrator user.”

Authentication 138

Authentication Internet Internet Software 138

Security Affairs

NOVEMBER 21, 2024

CVE-2024-0012 is a vulnerability in Palo Alto Networks PAN-OS that allows unauthenticated attackers with network access to the management web interface to bypass authentication and gain administrator privileges. This access enables administrative actions, configuration tampering, or exploitation of other vulnerabilities like CVE-2024-9474.

Firewall 113

Firewall Hacking VPN Cybersecurity 113

Security Affairs

JANUARY 19, 2025

The Planet WGS-804HPT industrial switch is used in building and home automation networks to provide connectivity of Internet of things (IoT) devices, IP surveillance cameras, and wireless LAN network applications. This switch family is equipped with a web service and SNMP management interface. ” reads the advisory published by Claroty.

Firmware 71

Firmware IoT Wireless Surveillance 71

The Last Watchdog

DECEMBER 18, 2024

CISA updated its Secure by Design guidance, and the EUs Cyber Resilience Act and NIS2 added new requirements. Proactive collaboration and cyber risk quantification are key to ensuring operational resilience and security. Overemphasizing compliance risks diverting resources from advanced security challenges.

Cybersecurity 130

Cybersecurity CISO Risk Government 130

Security Affairs

MARCH 16, 2022

No wonder Russia has been preparing to cut itself off from the global internet, hoping to move key government institutions to a sovereign Runet – a pan-Russian web limited to the Federation – to make them less prone to cyber attacks. Ideally, VNC should be used only with authenticated users, such as system administrators.

Authentication 140

Authentication Cyber Attacks System Administration Internet 140

The Last Watchdog

APRIL 4, 2022

SMBs and enterprises alike have been struggling with APIs as a mechanism for information security. To protect against these attacks, businesses need to implement a wide range of strong API security measures such as authentication, authorization, encryption, and vulnerability scanning.

Hacking 222

Hacking Penetration Testing Data breaches Authentication 222

Security Affairs

DECEMBER 14, 2022

The number of internet-facing cameras in the world is growing exponentially. Businesses and homeowners increasingly rely on internet protocol (IP) cameras for surveillance. New research by Cybernews shows an exponential rise in the uptake of internet-facing cameras. Surge in internet-facing cameras.

Surveillance 145

Surveillance Manufacturing Internet Internet 145

Security Affairs

NOVEMBER 24, 2023

Almost a million files with minors’ data, including home addresses and photos were left open to anyone on the internet, posing a threat to children. The DigitalOcean storage bucket, containing almost a million sensitive files, was left open to anyone without requiring authentication.

Identity Theft 143

Identity Theft Internet Internet Risk 143