1378 matches found
Microsoft Blocks Iran-linked Lebanese Hackers Targeting Israeli Companies
Microsoft on Thursday said it took steps to disable malicious activity stemming from abuse of OneDrive by a previously undocumented threat actor it tracks under the chemical element-themed moniker Polonium. In addition to removing the offending accounts created by the Lebanon-based activity group...
Scammers Target NFT Discord Channel
Discord a public chat application designed for gamers has grown popular among crypto owners all over the world. Attackers are targeting the Discord servers of several popular nonfungible token NFT projects. Josh Fraser founder of Origin protocol shared a thread on Twitter earlier this month,...
Your cloud? My cloud now
A true story on taking over a client’s Azure tenant via a successful phish. TL;DR A tempting phish got lots of users to disclose their passwords, and a lack of training resulted in the victims accepting the Microsoft push-based multi-factor authentication. This resulted in gaining access to Slack...
Twitter fined $150M after using 2FA phone numbers for marketing
The Federal Trade Commission FTC and the Department of Justice DOJ have ordered Twitter to pay a $150M penalty for using users account security data deceptively. The deception violates an FTC order from 2011, that bars Twitter from "misleading consumers about the extent to which it protects the...
Access Control Bypass
Overview Affected versions of this package are vulnerable to Access Control Bypass in the MFAUserAccountSetupMVCActionCommand class that allows an authenticated used to deny service to another user by enabling the Time-based One-time password TOTP feature for their account, or by modifying the...
Liferay DXP Vulnerable to Denial-of-service (DoS) in the Multi-Factor Authentication Module
Denial-of-service DoS vulnerability in the Multi-Factor Authentication module in Liferay DXP 7.3 before fix pack 1 allows remote authenticated attackers to prevent any user from authenticating by 1 enabling Time-based One-time password TOTP on behalf of the other user or 2 modifying the other...
GHSA-82J7-2H3J-HC7F Liferay DXP Vulnerable to Denial-of-service (DoS) in the Multi-Factor Authentication Module
Denial-of-service DoS vulnerability in the Multi-Factor Authentication module in Liferay DXP 7.3 before fix pack 1 allows remote authenticated attackers to prevent any user from authenticating by 1 enabling Time-based One-time password TOTP on behalf of the other user or 2 modifying the other...
General Motors suffers credential stuffing attack
American car manufacturer General Motors GM says it experienced a credential stuffing attack last month. During the attack customer information and reward points were stolen. The subject of the attack was an online platform, run by GM, to help owners of Chevrolet, Buick, GMC, and Cadillac vehicle...
SIM-based Authentication Aims to Transform Device Binding Security to End Phishing
Let's face it: we all use email, and we all use passwords. Passwords create inherent vulnerability in the system. The success rate of phishing attacks is skyrocketing, and opportunities for the attack have greatly multiplied as lives moved online. All it takes is one password to be compromised fo...
HashiCorp Vault improper configuration of multi factor authentication
HashiCorp Vault and Vault Enterprise from 1.10.0 to 1.10.2 did not correctly configure and enforce MFA on login after server restarts. This affects the Login MFA feature introduced in Vault and Vault Enterprise 1.10.0 and does not affect the separate Enterprise MFA feature set. Fixed in 1.10.3...
GHSA-C5WC-V287-82PC HashiCorp Vault improper configuration of multi factor authentication
HashiCorp Vault and Vault Enterprise from 1.10.0 to 1.10.2 did not correctly configure and enforce MFA on login after server restarts. This affects the Login MFA feature introduced in Vault and Vault Enterprise 1.10.0 and does not affect the separate Enterprise MFA feature set. Fixed in 1.10.3...
Hashicorp Vault 安全漏洞
Hashicorp HashiCorp Vault is a private key access management tool from Hashicorp USA. A security vulnerability exists in HashiCorp Vault and Vault Enterprise versions 1.10.0 through 1.10.2, which stems from a misconfiguration and a forced MFA login after a server reboot...
PT-2022-20232 · Hashicorp · Hashicorp Vault +1
Name of the Vulnerable Software and Affected Versions: HashiCorp Vault and Vault Enterprise versions 1.10.0 through 1.10.2 Description: The issue is related to the improper configuration and enforcement of multi-factor authentication MFA on login after server restarts, specifically affecting the...
College closes down after ransomware attack
Lincoln College, one of the few rural schools in Illinois, said that it will permanently close on Friday, May 13, after 157 years, partly due to the impacts of the COVID-19 pandemic and partly due to a long recovery after a ransomware attack in December 2021. The institution notified the Illinois...
Government Agencies Warn of Increase in Cyberattacks Targeting MSPs
Multiple cybersecurity authorities from Australia, Canada, New Zealand, the U.K., and the U.S. on Wednesday released a joint advisory warning of threats targeting managed service providers MSPs and their customers. Key among the recommendations include identifying and disabling accounts that are ...
Your Phone May Soon Replace Many of Your Passwords
Apple, Google and Microsoft announced this week they will soon support an approach to authentication that avoids passwords altogether, and instead requires users to merely unlock their smartphones to sign in to websites or online services. Experts say the changes should help defeat many types of...
Five Eyes Alliance Advisory & Using Threat Intelligence
Trellix Global Defenders: Five Eyes Alliance Advisory and Using Threat Intelligence to Protect Against Future Attacks By Taylor Mullins · May 6, 2022 Evolving intelligence continues to indicate that the Russian government is exploring options to launch cyberattacks in retaliation against...
Internet Bug Bounty: rubygems.org Batching attack to `confirmation_token` by bypass rate limit
The following is copied from hackerone's report. https://hackerone.com/reports/1529183 --- I confirmed that EmailConfirmationsController has the same problem as https://hackerone.com/reports/449356...
Splunk Enterprise 授权问题漏洞
Splunk is a suite of data collection and analysis software from Splunk, Inc. in the United States. The software is primarily used to collect, index, and analyze and the data it generates, including data generated by all IT systems and infrastructures physical, virtual machines, and cloud. A...
PT-2022-16229 · Ping Identity · Pingid Integration For Windows Login
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue involves the use of static encryption key material, which allows for the forging of an authentication token to other users within a tenant...