45 matches found
Large-scale brute-force activity targeting VPNs, SSH services with commonly used login credentials
Cisco Talos would like to acknowledge Anna Bennett and Brandon White of Cisco Talos and Phillip Schafer, Mike Moran, and Becca Lynch of the Duo Security Research team for their research that led to the identification of these attacks. Cisco Talos is actively monitoring a global increase in...
The vulnerability of the microprogrammed protection system for the SEL-451 phase-change relay exists due to insufficient verification of input data. This allows a perpetrator to trigger a malfunction and lock out arbitrary services.
The vulnerability of the microprogrammed protection system for the SEL-451 phase-change relay exists due to insufficient checking of input data. Exploiting this vulnerability can allow an attacker to cause malfunctions and lock out arbitrary services...
Open Web Analytics 1.7.3 Remote Code Execution Exploit
Open Web Analytics OWA versions prior to 1.7.4 allow an unauthenticated remote attacker to obtain sensitive user information, which can be used to gain admin privileges by leveraging cache hashes. class MetasploitModule 'Open Web Analytics 1.7.3 - Remote Code Execution RCE', 'Description' = %q Op...
Lack of brute force protection
Issue Description • A brute-force attack is an attempt to discover a password by systematically trying every possible combination of letters, numbers, and symbols until an attacker discover the one correct combination that works. Steps to Reproduce: '1. First capture login request with BurpSuite,...
Oh365UserFinder - Python3 O365 User Enumeration Tool
Oh365UserFinder is used for identifying valid o365 accounts and domains without the risk of account lockouts. The tool parses responses to identify the "IfExistsResult" flag is null or not, and responds appropriately if the user is valid. The tool will attempt to identify false positives based on...
SharpSpray - Active Directory Password Spraying Tool. Auto Fetches User List And Avoids Potential Lockouts
SharpSpray is a Windows domain password spraying tool written in .NET C. Introduction SharpSpray is a C port of DomainPasswordSpray with enhanced and extra capabilities. This tool uses LDAP Protocol to communicate with the Domain active directory services. Features Can operate from inside and...
Insecure Access Controls
github.com/argoproj/argo-cd uses insecure access controls. The Argo API does not implement anti-automation measures such as rate limiting, account lockouts, or other anti-brute-force measures. An attacker is able to repeatedly perform authentication attempts to discover user credentials...
Improper Restriction of Excessive Authentication Attempts in Argo API
As of v1.5.0, the Argo API does not implement anti-automation measures such as rate limiting, account lockouts, or other anti-bruteforce measures. Attackers can submit an unlimited number of authentication attempts without consequence. Specific Go Packages Affected...
GHSA-XCQR-9H24-VRGW Improper Restriction of Excessive Authentication Attempts in Argo API
As of v1.5.0, the Argo API does not implement anti-automation measures such as rate limiting, account lockouts, or other anti-bruteforce measures. Attackers can submit an unlimited number of authentication attempts without consequence. Specific Go Packages Affected...
Why Cached Credentials Can Cause Account Lockouts and How to Stop it
When a user account becomes locked out, the cause is often attributed to a user who has simply entered an old or incorrect password too many times. However, this is far from being the only thing that can cause an account to become locked. Another common cause, for example, is an application or...
Why Cached Credentials Can Cause Account Lockouts and How to Stop it
When a user account becomes locked out, the cause is often attributed to a user who has simply entered an old or incorrect password too many times. However, this is far from being the only thing that can cause an account to become locked. Another common cause, for example, is an application or...
Quick Guide — How to Troubleshoot Active Directory Account Lockouts
Active Directory account lockouts can be hugely problematic for organizations. There have been documented instances of attackers leveraging the account lockout feature in a type of denial of service attack. By intentionally entering numerous bad passwords, attackers can theoretically lock all of...
Quick Guide — How to Troubleshoot Active Directory Account Lockouts
Active Directory account lockouts can be hugely problematic for organizations. There have been documented instances of attackers leveraging the account lockout feature in a type of denial of service attack. By intentionally entering numerous bad passwords, attackers can theoretically lock all of...
IBM Security Guardium Information Disclosure Vulnerability (CNVD-2020-32645)
IBM Security Guardium is a suite of platforms from IBM in the United States that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. IBM Security Guardium suffers from an information disclosure...
Authentication flaw
As of v1.5.0, the Argo API does not implement anti-automation measures such as rate limiting, account lockouts, or other anti-bruteforce measures. Attackers can submit an unlimited number of authentication attempts without consequence...
PT-2020-20310 · Intuit · Argo Api
Name of the Vulnerable Software and Affected Versions: Argo API version 1.5.0 Description: The Argo API does not implement anti-automation measures such as rate limiting, account lockouts, or other anti-bruteforce measures, allowing attackers to submit an unlimited number of authentication attemp...
Security feature bypass
A security feature bypass vulnerability exists in Active Directory Federation Services ADFS which could allow an attacker to bypass the extranet lockout policy.To exploit this vulnerability, an attacker could run a specially crafted application, which would allow an attacker to launch a password...
Security Bulletin: IBM Security Access Manager for Web does not enforce account lockouts (CVE-2015-5010)
Summary IBM Security Access Manager for Web does not enforce account lockouts after a certain number of failed login attempts. A remote attacker could use a brute force attack to determine the login credentials for the administrator. Vulnerability Details CVEID: CVE-2015-5010 DESCRIPTION: IBM...
QakBot Returns, Locking Out Active Directory Accounts
QakBot, a worm-like strain of information-stealing malware that’s been around since 2009, has resurfaced again. The malware has been a thorn in the side of administrators as of late. After a recent stretch of inactivity, researchers now link a rash of recent Microsoft Active Directory lockouts to...
AD Account Lockouts Due to Citrix PIN Password Caching
After a password change at ActiveDirectory, users are seeing account lockouts. XenMobile was causing these lockouts as the password cached with Citrix PIN was not updated...