
1378 matches found

The Hacker News
added 2023/09/26 11:49 a.m. (49 views)

Xenomorph Banking Trojan: A New Variant Targeting 35+ U.S. Financial Institutions

An updated version of an Android banking trojan called Xenomorph has set its sights on more than 35 financial institutions in the U.S. The campaign, according to Dutch security firm ThreatFabric, leverages phishing web pages that are designed to entice victims into installing malicious Android ap...

6.6 AI score
Exploits 0

Malwarebytes
added 2023/09/21 2:00 a.m. (10 views)

Involved in a data breach? Here’s what you need to know

If you've received a message from a company saying your data has been caught up in a breach, you might be unsure what to do next. We've put together some tips which should help you when the more or less inevitable happens. 1. Check the company's advice Every breach is different, so check the...

7.1 AI score
Exploits 0

Snyk
added 2023/09/18 1:48 p.m. (9 views)

Insecure Randomness

Amendment This was deemed not a vulnerability. Overview github.com/greenpau/caddy-security is a Security App and Plugin for Caddy v2. Affected versions of this package are vulnerable to Insecure Randomness due to using an insecure random number generation library which could possibly be predicted...

9.8 CVSS | 7.1 AI score | 0.0068 EPSS
Exploits 0 | References 2

The Hacker News
added 2023/09/18 7:00 a.m. (37 views)

Retool Falls Victim to SMS-Based Phishing Attack Affecting 27 Cloud Clients

Software development company Retool has disclosed that the accounts of 27 of its cloud customers were compromised following a targeted and SMS-based social engineering attack. The San Francisco-based firm blamed a Google Account cloud synchronization feature recently introduced in April 2023 for...

6.7 AI score
Exploits 0

Wordfence Blog
added 2023/09/13 3:15 p.m. (15 views)

Malware Scanning: An Essential Layer of Website Security

Wordfence recently launched Wordfence CLI, a high performance command line malware scanner, which makes use of our extensive set of malware detection signatures to rapidly scan file systems for infections. In recent years, the WordPress community has seen a shift in emphasis towards prevention,...

7.7 AI score
Exploits 0

Tenable Nessus
added 2023/09/08 12:00 a.m. (174 views)

Cisco Adaptive Security Appliance Software Remote Access VPN Unauthorized Access - Unauthorized Clientless SSL VPN Session Establishment (cisco-sa-asaftd-ravpn-auth-8LyfCkeC)

A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to establish a clientless SSL VPN session with an unauthorized user. This vulnerability is due to improper separation of authentication, authorization,...

9.1 CVSS | 8.7 AI score | 0.21583 EPSS
Exploits 0 | References 4

Tenable Nessus
added 2023/09/08 12:00 a.m. (20 views)

SolarWinds Serv-U 15.4 < 15.4 HF2 Authentication Bypass

The version of SolarWinds Serv-U installed on the remote host is prior to 15.4 HF2. It is, therefore, affected by a vulnerability as referenced in the serv-u154hf2 advisory. - A vulnerability has been identified within Serv-U 15.4 that, if exploited, allows an actor to bypass...

7.2 CVSS | 7 AI score | 0.00918 EPSS
Exploits 0 | References 2

NVD
added 2023/09/07 4:15 p.m. (9 views)

CVE-2023-40060

A vulnerability has been identified within Serv-U 15.4 and 15.4 Hotfix 1 that, if exploited, allows an actor to bypass multi-factor/two-factor authentication. The actor must have administrator-level access to Serv-U to perform this action. 15.4. SolarWinds found that the issue was not completely...

7.2 CVSS | 6.9 AI score | 0.00872 EPSS
Exploits 0 | References 2

OSV
added 2023/09/07 4:15 p.m. (5 views)

CVE-2023-40060

A vulnerability has been identified within Serv-U 15.4 and 15.4 Hotfix 1 that, if exploited, allows an actor to bypass multi-factor/two-factor authentication. The actor must have administrator-level access to Serv-U to perform this action. 15.4. SolarWinds found that the issue was not completely...

7.2 CVSS | 5.7 AI score | 0.00872 EPSS
Exploits 0 | References 2

Prion
added 2023/09/07 4:15 p.m. (32 views)

Authentication flaw

A vulnerability has been identified within Serv-U 15.4 and 15.4 Hotfix 1 that, if exploited, allows an actor to bypass multi-factor/two-factor authentication. The actor must have administrator-level access to Serv-U to perform this action. 15.4. SolarWinds found that the issue was not completely...

5.8 CVSS | 6.9 AI score | 0.00872 EPSS
Exploits 0 | References 2 | Affected Software 1

CVE
added 2023/09/07 3:57 p.m. (53 views)

CVE-2023-40060

Summary: CVE-2023-40060 affects SolarWinds Serv-U 15.4 and 15.4 Hotfix 1, allowing an administrator-level attacker to bypass MFA/MFA. The issue was not fully resolved by 15.4 Hotfix 1. Affected software & cause: Serv-U FTP Server (15.4 and 15.4 Hotfix 1). The root cause is an authentication bypas...

7.2 CVSS | 6.9 AI score | 0.00872 EPSS
Exploits 0 | References 2 | Affected Software 1

Positive Technologies
added 2023/09/07 12:00 a.m. (5 views)

PT-2023-27243 · Solarwinds · Serv-U

Name of the Vulnerable Software and Affected Versions: Serv-U versions 15.4 through 15.4 Hotfix 1 Description: A vulnerability has been identified that allows an actor to bypass multi-factor/two-factor authentication if exploited. The actor must have administrator-level access to Serv-U to perfor...

7.2 CVSS | 7 AI score | 0.00872 EPSS
Exploits 0 | References 7

CNNVD
added 2023/09/07 12:00 a.m. (5 views)

SolarWinds Serv-U FTP Server Access Control Error Vulnerability

SolarWinds Serv-U FTP Server is a suite of FTP and MFT file transfer software from the US-based SolarWinds Corporation. An access control error vulnerability exists in versions of SolarWinds Serv-U FTP Server prior to 15.4 HF2, which stems from an attacker being able to bypass multi/two-factor...

7.2 CVSS | 6.7 AI score | 0.00872 EPSS
Exploits 0 | References 3

The Hacker News
added 2023/09/05 11:56 a.m. (27 views)

Way Too Vulnerable: Join this Webinar to Understand and Strengthen Identity Attack Surface

In today's digital age, it's not just about being online but how securely your organization operates online. Regardless of size or industry, every organization heavily depends on digital assets. The digital realm is where business takes place, from financial transactions to confidential data...

5.8 AI score
Exploits 0

The Hacker News
added 2023/09/04 5:40 a.m. (54 views)

Beware of MalDoc in PDF: A New Polyglot Attack Allowing Attackers to Evade Antivirus

Cybersecurity researchers have called attention to a new antivirus evasion technique that involves embedding a malicious Microsoft Word file into a PDF file. The sneaky method, dubbed MalDoc in PDF by JPCERT/CC, is said to have been employed in an in-the-wild attack in July 2023. "A file created...

7.6 AI score
Exploits 0

Malwarebytes
added 2023/09/01 10:45 a.m. (23 views)

A firsthand perspective on the recent LinkedIn account takeover campaign

Not long ago I wrote about a recent campaign to hold LinkedIn users' accounts to ransom. Shortly after I published the article, a co-worker, Pearce, reached out to me and told me he'd been a target of the campaign. His story begins with an SMS text from LinkedIn telling him to reset his password. He...

7.4 AI score
Exploits 0

Rapid7 Blog
added 2023/08/29 2:00 p.m. (77 views)

Under Siege: Rapid7-Observed Exploitation of Cisco ASA SSL VPNs

Tyler Starks, Christiaan Beek, Robert Knapp, Zach Dayton, and Caitlin Condon contributed to this blog. Rapid7’s managed detection and response (MDR) teams have observed increased threat activity targeting Cisco ASA SSL VPN appliances (physical and virtual) dating back to at least March 2023. In some...

6.4 CVSS | 7.2 AI score | 0.21583 EPSS
Exploits 0

Malwarebytes
added 2023/08/29 3:00 a.m. (14 views)

Cisco VPNs without MFA are under attack by ransomware operator

The Cisco Product Security Incident Response Team (PSIRT) has posted a blog about Akira ransomware targeting VPNs without Multi-Factor Authentication (MFA). The Cisco team states that it is aware of reports of the Akira ransomware group going specifically after Cisco VPNs that are not configured for...

7.4 AI score
Exploits 0

Citrix
added 2023/08/21 12:00 a.m. (7 views)

Unable to enter multi-factor authentication with Citrix DaaS Remote PowerShell SDK

After installing and running the Virtual Apps and Desktops Remote PowerShell SDK, explicit authentication is required using the Get-XdAuthentication cmdlet. After entering the username and password, the multi-factor authentication dialog is displayed, but the 6-digit OTP code input items are not...

7.7 AI score
Exploits 0

Rapid7 Blog
added 2023/08/17 1:00 p.m. (23 views)

Rapid7’s Mid-Year Threat Review

It will come as little surprise to most people that cyber threats in 2023 have been rather prolific. From widely exploited vulnerabilities to high-profile ransomware and extortion campaigns, the first half of the year has seen more than its fair share of large-scale incidents. Rapid7’s 2023...

7.1 AI score
Exploits 0