Lucene search
K

1378 matches found

Trellix
Trellix
added 2022/02/28 12:0 a.m.8 views

Cyberattacks Targeting Ukraine and HermeticWiper Protections

Trellix Global Defenders: Cyberattacks Targeting Ukraine and HermeticWiper Protections By Taylor Mullins · February 28, 2022 Trellix is monitoring the ongoing cyberattacks targeting the Ukraine and any threat activity targeting entities outside of the Ukraine. Trellix is continuing to add...

7.4AI score
Exploits0
OSV
OSV
added 2022/02/25 12:1 a.m.16 views

GHSA-6W4V-QR4M-97GG Multi-Factor Authentication issue in Laravel Fortify

Laravel Fortify before 1.11.1 allows reuse within a short time window, thus calling into question the "OT" part of the "TOTP" concept...

8.1CVSS8AI score0.00931EPSS
Exploits0References8
Github Security Blog
Github Security Blog
added 2022/02/25 12:1 a.m.47 views

Multi-Factor Authentication issue in Laravel Fortify

Laravel Fortify before 1.11.1 allows reuse within a short time window, thus calling into question the "OT" part of the "TOTP" concept...

8.1CVSS2.1AI score0.00931EPSS
Exploits0References7Affected Software1
CNVD
CNVD
added 2022/02/25 12:0 a.m.24 views

IBM Sterling Secure Proxy缓冲区溢出漏洞

IBM Sterling Secure Proxy, an IBM application proxy for securing file transfers in an organization's unprotected zone DMZ, secures trusted zones with multi-factor authentication, SSL session interruption, inbound firewall vulnerability patching, protocol checking, and other controls.IBM Sterling...

6.5CVSS1AI score0.00576EPSS
Exploits0References1
ICS
ICS
added 2022/02/24 12:0 p.m.73 views

Iranian Government-Sponsored Actors Conduct Cyber Operations Against Global Government and Commercial Networks

Summary Actions to Take Today to Protect Against Malicious Activity Search for indicators of compromise. Use antivirus software. Patch all systems. Prioritize patching known exploited vulnerabilities. Train users to recognize and report phishing attempts. Use multi-factor authentication. Note: th...

10CVSS8.6AI score0.99965EPSS
Exploits134References134
Friends Of PHP
Friends Of PHP
added 2022/02/23 4:4 p.m.24 views

Multi-Factor Authentication issue in Laravel Fortify

Laravel Fortify before 1.11.1 allows reuse within a short time window, thus calling into question the "OT" part of the "TOTP" concept...

8.1CVSS8AI score0.00931EPSS
Exploits0Affected Software1
Akamai Blog
Akamai Blog
added 2022/02/22 2:0 p.m.13 views

Adding Multi-Factor Authentication to Employee Logins: A Sound Security Principle

The year 2021 was definitely challenging for security practitioners. The number of data breaches continued to rise; a report issued by the Identity Theft Resource Center stated that the total number of breaches in the first three quarters of 2021 exceeded the total number of events in all of 2020...

2.1AI score
Exploits0
hivepro
hivepro
added 2022/02/18 12:20 p.m.682 views

Russian state-sponsored cyber actors targeting U.S. critical infrastructure

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here In a joint cybersecurity advisory, the Federal Bureau of Investigation FBI, the National Security Agency NSA, the Cybersecurity and Infrastructure Security Agency CISA revealed that Russian state-sponsored threat actors target...

9CVSS0.4AI score0.99999EPSS
Exploits56
The Hacker News
The Hacker News
added 2022/02/15 1:16 p.m.27 views

SafeDNS: Cloud-based Internet Security and Web Filtering Solution for MSPs

Remote workplace trend is getting the upper hand in 2022. A recent survey by IWG the International Workplace Group determined that 70% of the world's professionals work remotely at least one day a week, with 53% based outside their workplace at least half of the week. Taking this into...

0.2AI score
Exploits0
ICS
ICS
added 2022/02/10 12:0 p.m.45 views

Ransomware Awareness for Holidays and Weekends

Summary Immediate Actions You Can Take Now to Protect Against Ransomware • Make an offline backup of your data. • Do not click on suspicious links. • If you use RDP, secure and monitor it. • Update your OS and software. • Use strong passwords. • Usemulti-factor authentication. The Federal Bureau ...

9.7AI score
Exploits0References43
Malwarebytes
Malwarebytes
added 2022/02/09 11:55 a.m.21 views

Microsoft: Slow MFA adoption presents “dangerous mismatch” in security

Multi-factor authentication MFA has been around for many years now, but few enterprises have fully embraced it. In fact, according to Microsofts inaugural "Cyber Signals" report, only 22 percent of all its Azure Active Directory AD enterprise clients have adopted two-factor authentication 2FA, a...

7.7AI score
Exploits0
ThreatPost
ThreatPost
added 2022/02/04 1:28 p.m.130 views

Attackers Target Intuit Users by Threatening to Cancel Tax Accounts

Just in time for tax season, Intuit is warning customers of a phishing campaign that threatens to close user accounts if they don’t click on a malicious link. The attacks on the accounting-software specialist that many people use for filing U.S. income tax forms comes as phishers overall are...

8.6AI score
Exploits0References6
ThreatPost
ThreatPost
added 2022/02/03 10:10 p.m.330 views

Low-Detection Phishing Kits Increasingly Bypass MFA

More and more phishing kits are focusing on bypassing multi-factor authentication MFA methods, researchers have warned – typically by stealing authentication tokens via a man-in-the-middle MiTM attack. As MFA continues to see widespread consumer and business adoption – a full 78 percent of...

9AI score
Exploits0References4
The Hacker News
The Hacker News
added 2022/01/28 11:10 a.m.28 views

Hackers Using Device Registration Trick to Attack Enterprises with Lateral Phishing

Microsoft has disclosed details of a large-scale, multi-phase phishing campaign that uses stolen credentials to register devices on a victim's network to further propagate spam emails and widen the infection pool. The tech giant said the attacks manifested through accounts that were not secured...

1AI score
Exploits0
Akamai Blog
Akamai Blog
added 2022/01/25 2:0 p.m.16 views

Deploying Zero Trust Network Access for Secure Application Access? Don’t Forget to Secure Your Employees

Secure your workforce with the help of multi-factor authentication and Akamai's Zero Trust Network Access application in place of a virtual private network VPN...

7.2AI score
Exploits0
Imperva Blog
Imperva Blog
added 2022/01/24 2:6 p.m.16 views

Imperva Champions Data Privacy Week 2022

As a cybersecurity industry leader, Imperva is working with the National Cybersecurity Alliance NCA as a 2022 Data Privacy Week Champion to promote the need for businesses to prioritize data privacy and protection and the importance of individuals and companies to secure their online data. As par...

0.2AI score
Exploits0
Krebs on Security
Krebs on Security
added 2022/01/21 5:11 p.m.24 views

Crime Shop Sells Hacked Logins to Other Crime Shops

Up for the "Most Meta Cybercrime Offering" award this year is Accountz Club, a new cybercrime store that sells access to purloined accounts at services built for cybercriminals, including shops peddling stolen payment cards and identities, spamming tools, email and phone bombing services, and tho...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/01/21 1:2 p.m.16 views

CISA calls for urgent action against critical threats

In a CISA Insights bulletin the Cybersecurity & Infrastructure Security Agency CISA warns that every organization in the United States is at risk from cyber threats that can disrupt essential services and potentially result in impacts to public safety. The warning specifically reminds readers of...

1.4AI score
Exploits0
Trellix
Trellix
added 2022/01/20 12:0 a.m.22 views

Update on WhisperGate, Destructive Malware Targeting Ukraine – Threat Intelligence & Protections Update

Update on WhisperGate, Destructive Malware Targeting Ukraine – Threat Intelligence & Protections Update By Taylor Mullins, Mo Cashman and Raj Samani · January 20, 2022 Recent news reports of a “ransomware” campaign targeting Ukraine has resulted in significant press coverage regarding not only...

0.8AI score
Exploits0
The Hacker News
The Hacker News
added 2022/01/18 2:40 p.m.31 views

Researchers Bypass SMS-based Multi-Factor Authentication Protecting Box Accounts

Cybersecurity researchers have disclosed details of a now-patched bug in Box's multi-factor authentication MFA mechanism that could be abused to completely sidestep SMS-based login verification. "Using this technique, an attacker could use stolen credentials to compromise an organization's Box...

1.3AI score
Exploits0
Rows per page
Query Builder