1242 matches found
CVE-2020-27178
Apereo CAS 5.3.x before 5.3.16, 6.x before 6.1.7.2, 6.2.x before 6.2.4, and 6.3.x before 6.3.0-RC4 mishandles secret keys with Google Authenticator for multifactor authentication...
PSA: Increase in RDP Attacks Means It's Time to Mind Your RDPs and Qs
This week, Rapid7 Managed Detection and Response’s MDR intrepid investigators identified an increase in RDP attacks targeting RDP servers without multi-factor authentication enabled. Given that a fair number of folks are still working remotely, it’s no wonder that attackers continue to seek out a...
Detecting Microsoft 365 and Azure Active Directory Backdoors
Mandiant has seen an uptick in incidents involving Microsoft 365 M365 and Azure Active Directory Azure AD. Most of these incidents are the result of a phishing email coercing a user to enter their credentials used for accessing M365 into a phishing site. Other incidents have been a result of...
Microsoft Digital Defense Report 2020: Cyber Threat Sophistication on the Rise
Today, Microsoft is releasing a new annual report, called the Digital Defense Report, covering cybersecurity trends from the past year. This report makes it clear that threat actors have rapidly increased in sophistication over the past year, using techniques that make them harder to spot and tha...
The ABCs of Digital Distancing
No person is an island — despite the recent public health mandates on social distancing that might make us feel as though we are. Yet, sometimes these seemingly arbitrary constraints can catalyze innovations and approaches to common challenges – and everyone wins. In a recent tweet from entertain...
Rethinking Defensive Strategy at the Edge, Part 3: Strategies for Protective Action
Our three-part blog series, Re-thinking Defensive Strategy at the Edge, has been focusing on outlining a new defensive edge strategy for today's enterprise. We began with a discussion of data and indicators. Most recently, our second post focused on using risk signals and correlating them for...
This One Time on a Pen Test: Outwitting the Vexing VPN
Each year, Rapid7 penetration testers complete hundreds of internally and externally based penetration testing service engagements. This post is part of an ongoing series featuring testimonials of what goes on beneath the hoodie. For more insights, check out our 2020 Under the Hoodie report. Just...
MFA Bypass Bugs Opened Microsoft 365 to Attack
Bugs in the multi-factor authentication system used by Microsoft’s cloud-based office productivity platform, Microsoft 365, opened the door for hackers to access cloud applications via a bypass of the security system, according to researchers at Proofpoint. The flaws exist in the implementation o...
Microsoft Security: Use baseline default tools to accelerate your security career
I wrote a series of blogs last year on how gamified learning through cyber ranges can create more realistic and impactful cybersecurity learning experiences and help attract tomorrow’s security workforce. With the global talent shortage in this field, we need to work harder to bring people into t...
Privilege escalation
An elevation of privilege vulnerability exists when Active Directory Federation Services ADFS improperly handles multi-factor authentication requests. An attacker who successfully exploited this vulnerability could bypass some, but not all, of the authentication factors. To exploit this...
CVE-2020-0837
CVE-2020-0837 affects Active Directory Federation Services (ADFS) and is an Elevation of Privilege vulnerability arising from improper handling of multi-factor authentication requests. The initial description states that an attacker could bypass some MFA factors by sending a specially crafted aut...
CVE-2020-2040
A buffer overflow vulnerability in PAN-OS allows an unauthenticated attacker to disrupt system processes and potentially execute arbitrary code with root privileges by sending a malicious request to the Captive Portal or Multi-Factor Authentication interface. This issue impacts: All versions of...
Buffer overflow
A buffer overflow vulnerability in PAN-OS allows an unauthenticated attacker to disrupt system processes and potentially execute arbitrary code with root privileges by sending a malicious request to the Captive Portal or Multi-Factor Authentication interface. This issue impacts: All versions of...
CVE-2020-2040 PAN-OS: Buffer overflow when Captive Portal or Multi-Factor Authentication (MFA) is enabled
A buffer overflow vulnerability in PAN-OS allows an unauthenticated attacker to disrupt system processes and potentially execute arbitrary code with root privileges by sending a malicious request to the Captive Portal or Multi-Factor Authentication interface. This issue impacts: All versions of...
PAN-OS: Buffer overflow when Captive Portal or Multi-Factor Authentication (MFA) is enabled
A buffer overflow vulnerability in PAN-OS allows an unauthenticated attacker to disrupt system processes and potentially execute arbitrary code with root privileges by sending a malicious request to the Captive Portal or Multi-Factor Authentication interface. This issue impacts: All versions of...
CVE-2020-2040
A buffer overflow vulnerability in PAN-OS allows an unauthenticated attacker to disrupt system processes and potentially execute arbitrary code with root privileges by sending a malicious request to the Captive Portal or Multi-Factor Authentication interface. This issue impacts: All versions of...
ADFS MFA Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when Active Directory Federation Services ADFS improperly handles multi-factor authentication requests. An attacker who successfully exploited this vulnerability could bypass some, but not all, of the authentication factors. To exploit this...
PT-2020-3916 · Microsoft · Active Directory Federation Services +1
Name of the Vulnerable Software and Affected Versions: Active Directory Federation Services ADFS affected versions not specified Description: An elevation of privilege issue exists due to improper handling of multi-factor authentication requests by Active Directory Federation Services ADFS. This...
Sendgrid Under Siege from Hacked Accounts
Email service provider Sendgrid is grappling with an unusually large number of customer accounts whose passwords have been cracked, sold to spammers, and abused for sending phishing and email malware attacks. Sendgrids parent company Twilio says it is working on a plan to require multi-factor...
CVE-2020-15605
If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Vulnerability Protection 2.0 SP2 could allow an unauthenticated attacker with prior knowledge of the targeted organization to bypass manager authentication. Enabling multi-factor authentication prevents...