CVE-2022-27510: Critical Citrix ADC and Gateway Remote Authentication Bypass Vulnerabilities
On November 8, 2022, Citrix published Citrix Gateway and Citrix ADC Security Bulletin for CVE-2022-27510, CVE-2022-27513 and CVE-2022-27516, announcing fixes for three vulnerabilities: CVE-2022-27510 “Unauthorized access to Gateway user capabilities”, CVE-2022-27513 “Remote desktop takeover via...
Malicious Google Play Store App Spotted Distributing Xenomorph Banking Trojan
Google has removed two new malicious dropper apps that have been detected on the Play Store for Android, one of which posed as a lifestyle app and was caught distributing the Xenomorph banking malware. "Xenomorph is a trojan that steals credentials from banking applications on users' devices,"...
Upcoming changes in XenCenter
To provide you with greater security, the Citrix Insight Services (CIS) website has extended its multi-factor authentication requirement to applications, like XenCenter, that use the API to upload data. As a result, we are making changes to how XenCenter interacts with CIS. Important: XenCenter...
Robin Banks Phishing Service for Cybercriminals Returns with Russian Server
A phishing-as-a-service (PhaaS) platform known as Robin Banks has relocated its attack infrastructure to DDoS-Guard, a Russian provider of bulletproof hosting services. The switch comes after "Cloudflare disassociated Robin Banks phishing infrastructure from its services, causing a multi-day...
Business Logic Errors
rdiffweb contains business logic errors. A privileged local attacker is able to disable multi-factor authentication, which leads to unauthorized access...
Why Cybersecurity Awareness Month is Every Month
Cybersecurity is a year-round issue. Cybersecurity awareness is important year-round for the security of our businesses and customers. We’re proud to be a supporter of Cybersecurity Awareness Month. It has been invaluable in raising awareness of digital safety issues for a broad cross-section of...
5 essential security tips for SMBs
In any business, the security of each computer is intimately connected to the security of every other computer. Interconnectedness allows attackers to turn a breach, a fault, or an oversight on one machine into access on all the machines it's connected to. That means any attack on any computer is ...
Threat Actors Exploiting F5 BIG-IP CVE-2022-1388
Summary Actions for administrators to take today: • Do not expose management interfaces to the internet. • Enforce multi-factor authentication. • Consider using CISA’s Cyber Hygiene Services. The Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing &...
Why Imperva is a Cybersecurity Awareness Month Champion
This is our second consecutive year as a champion of Cybersecurity Awareness Month. Nowadays, IT security is everyone’s responsibility, and that’s something we take very seriously. Cybersecurity Awareness Month raises awareness of the core principles behind cybersecurity and highlights the key...
The 5-Question Test to Assess Your Readiness to Manage Insider Threats
An insider threat is a cyber security risk that originates from within any organization that is being targeted by attackers. Often, insider threats involve a current or former employee, or business associate, who has access to sensitive information or privileged accounts, and who misuses this...
Hackers Using Malicious OAuth Apps to Take Over Email Servers
Microsoft on Thursday warned of a consumer-facing attack that made use of rogue OAuth applications deployed on compromised cloud tenants to ultimately seize control of Exchange servers and spread spam. "The threat actor launched credential stuffing attacks against high-risk accounts that didn't...
Malicious OAuth applications abuse cloud email services to spread spam
Microsoft researchers recently investigated an attack where malicious OAuth applications were deployed on compromised cloud tenants and then used to control Exchange Online settings and spread spam. The investigation revealed that the threat actor launched credential stuffing attacks against...
Rockstar Games Confirms Hacker Stole Early Grand Theft Auto VI Footage
American video game publisher Rockstar Games on Monday revealed it was a victim of a "network intrusion" that allowed an unauthorized party to illegally download early footage for the Grand Theft Auto VI. "At this time, we do not anticipate any disruption to our live game services nor any long-te...
Hackers Had Access to LastPass's Development Systems for Four Days
Password management solution LastPass shared more details pertaining to the security incident last month, disclosing that the threat actor had access to its systems for a four-day period in August 2022. "There is no evidence of any threat actor activity beyond the established timeline," LastPass...
The 2022 SANS Top New Attacks and Threats Report Is In, and It's Required Reading
The latest Top New Attacks and Threat Report from the cybersecurity experts at SANS is here — and the findings around cyberthreats, attacks, and best practices to defend against them are as critical for security teams as they've ever been. If you're unfamiliar with the SysAdmin, Audit, Network, a...
CVE-2022-37144
The PlexTrac platform prior to API version 1.17.0 does not restrict excessive MFA TOTP submission attempts. An unauthenticated remote attacker in possession of a valid username and password can bruteforce their way past MFA protections to login as the targeted user...
PlexTrac API Security Vulnerability
PlexTrac is a penetration test reporting and management platform from PlexTrac Inc. in the United States. A security vulnerability exists in the PlexTrac API prior to version 1.17.0, which stems from an unrestricted number of MFA TOTP submission attempts, where an unauthenticated, remote attacker...
PT-2022-23836 · Plextrac · Plextrac
Name of the Vulnerable Software and Affected Versions: PlexTrac platform versions prior to 1.17.0 Description: The issue allows an unauthenticated remote attacker with a valid username and password to bruteforce their way past MFA protections and login as the targeted user due to the lack of...
Broadcom Symantec Privileged Access Management Elevation of Privilege Vulnerability
Broadcom Symantec Privileged Access Management is a security software from Broadcom, Inc. It helps prevent security breaches by protecting sensitive administrative credentials, controlling privileged user access, proactively enforcing security policies, and monitoring and logging privileged user...
How 1-Time Passcodes Became a Corporate Liability
Phishers are enjoying remarkable success using text messages to steal remote access credentials and one-time passcodes from employees at some of the world's largest technology companies and customer support firms. A recent spate of SMS phishing attacks from one cybercriminal group has spawned a...