libsoup: Signed to Unsigned Conversion Error Leading to Stack-Based Buffer Overflow in libsoup NTLM Authentication

A flaw was identified in the NTLM authentication handling of the libsoup HTTP library, used by GNOME and other applications for network communication. When processing extremely long passwords, an internal size calculation can overflow due to improper use of signed integers. This results in...

Microsoft Begins NTLM Phase-Out With Three-Stage Plan to Move Windows to Kerberos

Microsoft has announced a three-phase approach to phase out New Technology LAN Manager NTLM as part of its efforts to shift Windows environments toward stronger, Kerberos-based options. The development comes more than two years after the tech giant revealed its plans to deprecate the legacy...

CVE-2025-34208 Vasion Print (formerly PrinterLogic) Insecure Password Hashing

Vasion Print formerly PrinterLogic Virtual Appliance Host and Application VA/SaaS deployments store user passwords using unsalted SHA-512 hashes with a fall-back to unsalted SHA-1. The hashing is performed via PHP's hash function in multiple files serverwriterequestsusers.php, updatedatabase.php,...

Botnet of 130K Devices Targets Microsoft 365 in Password-Spraying Attack

A botnet of 130,000 devices is launching a Password-Spraying attack on Microsoft 365, bypassing MFA and exploiting legacy authentication to access accounts...

5 SaaS Misconfigurations Leading to Major Fu*%@ Ups

With so many SaaS applications, a range of configuration options, API capabilities, endless integrations, and app-to-app connections, the SaaS risk possibilities are endless. Critical organizational assets and data are at risk from malicious actors, data breaches, and insider threats, which pose...

PT-2024-10385 · Firebird · Firebird

Name of the Vulnerable Software and Affected Versions: Firebird component of "Популяционный раковый регистр" and "Госпитальный раковый регистр" affected versions not specified Description: The issue is related to the use of an insecure authentication method, Legacy Auth, in the Firebird component...

AZL-8649 CVE-2016-2124 affecting package samba 4.12.5-7

A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required...

A Guide to Shift Away from Legacy Authentication Protocols in Microsoft 365

Microsoft 365 M365, formerly called Office 365 O365, is Microsoft's cloud strategy flagship product with major changes ahead, such as the deprecation of their legacy authentication protocols. Often stored on or saved to the device, Basic Authentication protocols rely on sending usernames and...

Protect your business from password sprays with Microsoft DART recommendations

Over the past year, the Microsoft Detection and Response Team DART, along with Microsoft’s threat intelligence teams, have observed an uptick in the use of password sprays as an attack vector. This threat is a moving target with techniques and tools always changing, and Microsoft continues to fin...

A “quick wins” approach to securing Azure Active Directory and Office 365 and improving your security posture

In the last post, we discussed Office 365 and how enabling certain features without understanding all the components can lead to a false sense of security. We demonstrated how implementing a break glass account, multi-factor authentication MFA, and the removal of legacy authentication can help...

Microsoft Security: Use baseline default tools to accelerate your security career

I wrote a series of blogs last year on how gamified learning through cyber ranges can create more realistic and impactful cybersecurity learning experiences and help attract tomorrow’s security workforce. With the global talent shortage in this field, we need to work harder to bring people into t...

Microsoft Office 365—Do you have a false sense of cloud security?

Through difficult times, some adversaries will find opportunities and COVID-19 has proven to be a ripe opportunity for them to target a new, expanding, remote workforce. While these threats morph and evolve, Microsoft’s Detection and Response Team DART finds ways to endure and help organizations...

Prevent and detect more identity-based attacks with Azure Active Directory

Security incidents often start with just one compromised account. Once an attacker gets their foot in the door, they can escalate privileges or gather intelligence that helps them reach their goals. This is why we say that identity is the new security perimeter. To reduce the risk of a data breac...

OPENSUSE-SU-2020:0597-1 Security update for apache2

This update for apache2 fixes the following issues: - CVE-2020-1934: modproxyftp may use uninitialized memory when proxying to a malicious FTP server bsc1168404. - CVE-2020-1927: modrewrite configurations vulnerable to open redirect bsc1168407. - CVE-2020-1938: modproxyajp: Add 'secret' parameter...

SUSE-SU-2020:1126-1 Security update for apache2

This update for apache2 fixes the following issues: - CVE-2020-1934: modproxyftp may use uninitialized memory when proxying to a malicious FTP server bsc1168404. - CVE-2020-1927: modrewrite configurations vulnerable to open redirect bsc1168407. - CVE-2020-1938: modproxyajp: Add 'secret' parameter...

SUSE-SU-2020:1111-1 Security update for apache2

This update for apache2 fixes the following issues: - CVE-2020-1934: modproxyftp may use uninitialized memory when proxying to a malicious FTP server bsc1168404. - CVE-2020-1927: modrewrite configurations vulnerable to open redirect bsc1168407. - CVE-2020-1938: modproxyajp: Add 'secret' parameter...

jenkins: Jenkins accepted cached legacy CLI authentication

Users who cached their CLI authentication before Jenkins was updated to 2.150.2 and newer, or 2.160 and newer, would remain authenticated in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, because the fix for CVE-2019-1003004 in these releases did not reject existing remoting-based...

3 investments Microsoft is making to improve identity management

As a large enterprise with global reach, Microsoft has the same security risks as its customers. We have a distributed, mobile workforce who access corporate resources from external networks. Many individuals struggle to remember complex passwords or reuse one password across many accounts, which...

Security update 1970-01-01

...