Lucene search
K

1378 matches found

Malwarebytes
Malwarebytes
added 2023/08/04 1:45 p.m.18 views

Microsoft Teams used in phishing campaign to bypass multi-factor authentication

Attackers believed to have ties to Russia's Foreign Intelligence Service SVR are using Microsoft Teams chats as credential theft phishing lures. Microsoft Threat Intelligence has posted details about the perceived attacks targeted at fewer than 40 unique global organizations. The targeted...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2023/08/03 6:38 a.m.51 views

Microsoft Exposes Russian Hackers' Sneaky Phishing Tactics via Microsoft Teams Chats

Microsoft on Wednesday disclosed that it identified a set of highly targeted social engineering attacks mounted by a Russian nation-state threat actor using credential theft phishing lures sent as Microsoft Teams chats. The tech giant attributed the attacks to a group it tracks as Midnight Blizza...

7.3AI score
Exploits0
Talos Blog
Talos Blog
added 2023/07/25 11:59 a.m.16 views

What might authentication attacks look like in a phishing-resistant future?

By Thorsten Rosendahl and Tiago Pereira, with contributions from Matthew Miller. The industry has come a long way in terms of improving how we make user authentication more secure. From the most basic concept of relying on usernames and passwords for authentication to enabling multi-factor...

7.3AI score
Exploits0
Citrix
Citrix
added 2023/07/13 12:0 a.m.16 views

Unable to login to Citrix Cloud - Error: "incorrect username, password or token"

Unable to login to Citrix Cloud to access virtualized app. The error message "incorrect username, password or token" is displayed. The process of setting up MFA works perfectly, but once Authenticator App is paired and actual login attempted, it always fails...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/07/12 9:30 a.m.11 views

How to secure your business before going on vacation

For many, the summer months should be a time of peace: Maybe taking some vacation, maybe strolling across warm, soft sands as sapphire waves lap up against your feet, maybe even spending time with family that you like. But for determined cybercriminals, these periods of near-universal rest and...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/06/23 2:44 p.m.36 views

Cybercrime Group 'Muddled Libra' Targets BPO Sector with Advanced Social Engineering

A threat actor known as Muddled Libra is targeting the business process outsourcing BPO industry with persistent attacks that leverage advanced social engineering ploys to gain initial access. "The attack style defining Muddled Libra appeared on the cybersecurity radar in late 2022 with the relea...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/06/13 1:39 p.m.32 views

Adversary-in-the-Middle Attack Campaign Hits Dozens of Global Organizations

"Dozens" of organizations across the world have been targeted as part of a broad business email compromise BEC campaign that involved the use of adversary-in-the-middle AitM techniques to carry out the attacks. "Following a successful phishing attempt, the threat actor gained initial access to on...

7.5AI score
Exploits0
NCSC
NCSC
added 2023/06/01 12:0 a.m.6 views

Vulnerabilities fixed in Joomla!

Joomla! has fixed vulnerabilities in the MultiFactor Authentication system of Joomla! CMS. An unauthenticated malicious party could exploit the vulnerabilities to launch a Cross-Site-Scripting XSS attack, or to use brute force to access the account. forcing to gain access to a user's account and...

7.5CVSS6.9AI score0.0056EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2023/05/30 12:0 a.m.3 views

PT-2023-19179 · Joomla · Joomla!

Name of the Vulnerable Software and Affected Versions: Joomla! versions 4.2.0 through 4.3.1 Description: The issue is related to the lack of rate limiting, which allows brute force attacks against Multi-Factor Authentication MFA methods. MFA is a security process that requires a user to provide t...

7.5CVSS6.9AI score0.0056EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/05/30 12:0 a.m.1 views

PT-2023-19178 · Joomla · Joomla!

Name of the Vulnerable Software and Affected Versions: Joomla! versions 4.2.0 through 4.3.1 Description: The issue is caused by a lack of input validation, resulting in an open redirect and XSS issue within the new mfa selection screen. Recommendations: For Joomla! versions 4.2.0 through 4.3.1,...

6.1CVSS5.9AI score0.00406EPSS
Exploits0References8
CNNVD
CNNVD
added 2023/05/30 12:0 a.m.10 views

Joomla! 安全漏洞

Joomla! is a set of forum components used in the Joomla! content management system. A security vulnerability exists in Joomla! versions 4.2.0 through 4.3.1, which stems from a lack of rate limiting and allows brute force attacks on MFA methods...

7.5CVSS7.2AI score0.0056EPSS
Exploits0References2
Malwarebytes
Malwarebytes
added 2023/05/24 5:0 a.m.15 views

CISA updates ransomware guidance

The Cybersecurity and Infrastructure Security Agency CISA has updated its StopRansomware guide to account for the fact that ransomware actors have accelerated their tactics and techniques since the original guide was released in September of 2020. The StopRansomware guide is set up as a one-stop...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2023/05/08 3:24 p.m.2 views

Join Our Webinar: Learn How to Defeat Ransomware with Identity-Focused Protection

Are you concerned about ransomware attacks? You're not alone. In recent years, these attacks have become increasingly common and can cause significant damage to organizations of all sizes. But there's good news - with the right security measures in place, such as real-time MFA and service account...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/05/08 6:10 a.m.35 views

CERT-UA Warns of SmokeLoader and RoarBAT Malware Attacks Against Ukraine

An ongoing phishing campaign with invoice-themed lures is being used to distribute the SmokeLoader malware in the form of a polyglot file, according to the Computer Emergency Response Team of Ukraine CERT-UA. The emails, per the agency, are sent using compromised accounts and come with a ZIP...

7.3AI score
Exploits0
Kitploit
Kitploit
added 2023/05/07 12:30 p.m.29 views

NTLMRecon - A Tool For Performing Light Brute-Forcing Of HTTP Servers To Identify Commonly Accessible NTLM Authentication Endpoints

NTLMRecon is a Golang version of the original NTLMRecon utility written by Sachin Kamath AKA pwnfoo. NTLMRecon can be leveraged to perform brute forcing against a targeted webserver to identify common application endpoints supporting NTLM authentication. This includes endpoints such as the Exchan...

7.3AI score
Exploits0References1
The Hacker News
The Hacker News
added 2023/05/01 10:53 a.m.3 views

Wanted Dead or Alive: Real-Time Protection Against Lateral Movement

Just a few short years ago, lateral movement was a tactic confined to top APT cybercrime organizations and nation-state operators. Today, however, it has become a commoditized tool, well within the skillset of any ransomware threat actor. This makes real-time detection and prevention of lateral...

7.1AI score
Exploits0
OSV
OSV
added 2023/04/25 7:15 p.m.8 views

CVE-2022-40722

A misconfiguration of RSA padding implemented in the PingID Adapter for PingFederate to support Offline MFA with PingID mobile authenticators is vulnerable to pre-computed dictionary attacks, leading to a bypass of offline MFA...

5.8CVSS5.8AI score0.00328EPSS
Exploits0References2
OSV
OSV
added 2023/04/25 7:15 p.m.3 views

CVE-2022-40723

The PingID RADIUS PCV adapter for PingFederate, which supports RADIUS authentication with PingID MFA, is vulnerable to MFA bypass under certain configurations...

6.5CVSS5.8AI score0.00517EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/04/25 12:0 a.m.7 views

CVE-2022-40723 Configuration-based MFA Bypass in PingID RADIUS PCV.

The PingID RADIUS PCV adapter for PingFederate, which supports RADIUS authentication with PingID MFA, is vulnerable to MFA bypass under certain configurations...

6.5CVSS7.4AI score0.00517EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/04/25 12:0 a.m.6 views

PingID Adapter 加密问题漏洞

PingID Adapter is a middleware for authentication and access control from Ping Identity. A security vulnerability exists in PingID Adapter that stems from the vulnerability of offline MFA to pre-computed dictionary attacks, which can lead to offline MFA being bypassed...

7.7CVSS5.9AI score0.00328EPSS
Exploits0References4
Rows per page
Query Builder