Lucene search
K

225 matches found

Talos Blog
Talos Blog
added 2024/10/24 10:0 a.m.19 views

Talos IR trends Q3 2024: Identity-based operations loom large

Threat actors are increasingly conducting identity-based attacks across a range of operations that are proving highly effective, with credential theft being the main goal in a quarter of incident response engagements. These attacks were primarily facilitated by living-off-the-land binaries LoLBin...

8.2AI score0.2677EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/10/18 11:0 a.m.45 views

U.S. and Allies Warn of Iranian Cyberattacks on Critical Infrastructure in Year-Long Campaign

Cybersecurity and intelligence agencies from Australia, Canada, and the U.S. have warned about a year-long campaign undertaken by Iranian cyber actors to infiltrate critical infrastructure organizations via brute-force attacks. "Since October 2023, Iranian actors have used brute force and passwor...

10CVSS7.2AI score0.99512EPSS
Exploits75
CISA
CISA
added 2024/10/16 12:0 p.m.4 views

CISA, FBI, NSA, and International Partners Release Advisory on Iranian Cyber Actors Targeting Critical Infrastructure Organizations Using Brute Force

Today, CISA—with the Federal Bureau of Investigation FBI, the National Security Agency NSA, and international partners—released joint Cybersecurity Advisory Iranian Cyber Actors Brute Force and Credential Access Activity Compromises Critical Infrastructure. This advisory provides known indicators...

7.1AI score
Exploits0References3
Wired Threat Level
Wired Threat Level
added 2024/08/28 3:19 p.m.13 views

Notorious Iranian Hackers Have Been Targeting the Space Industry With a New Backdoor

In addition to its long-standing password spraying attacks, Microsoft says Iran-backed hacker group Peach Sandstorm—or APT 33—has developed custom malware dubbed “Tickler.”...

7.4AI score
Exploits0
OSV
OSV
added 2024/06/17 10:28 p.m.19 views

GHSA-4GM4-C4MH-4P7W Firefly III has a MFA bypass in oauth flow

Impact A MFA bypass in the Firefly III OAuth flow may allow malicious users to bypass the MFA-check. This allows malicious users to use password spraying to gain access to your Firefly III data using passwords stolen from other sources. As OAuth applications are easily enumerable using an...

5.9CVSS5.9AI score0.00594EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2024/06/17 10:28 p.m.48 views

Firefly III has a MFA bypass in oauth flow

Impact A MFA bypass in the Firefly III OAuth flow may allow malicious users to bypass the MFA-check. This allows malicious users to use password spraying to gain access to your Firefly III data using passwords stolen from other sources. As OAuth applications are easily enumerable using an...

5.9CVSS7.2AI score0.00594EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2024/06/17 8:15 p.m.29 views

CVE-2024-37893

Firefly III is a free and open source personal finance manager. In affected versions an MFA bypass in the Firefly III OAuth flow may allow malicious users to bypass the MFA-check. This allows malicious users to use password spraying to gain access to Firefly III data using passwords stolen from...

5.9CVSS0.00594EPSS
Exploits0References3
CVE
CVE
added 2024/06/17 7:39 p.m.104 views

CVE-2024-37893

Firefly III Vulnerability (CVE-2024-37893): A MFA bypass in the Firefly III OAuth flow could allow an attacker to bypass MFA and access data via password spraying, leveraging compromised passwords from other sources. Attackers could enumerate OAuth applications (due to incrementing IDs) to target...

5.9CVSS5.9AI score0.00594EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/06/17 7:39 p.m.23 views

CVE-2024-37893 MFA bypass in oauth flow in Firefly III

Firefly III is a free and open source personal finance manager. In affected versions an MFA bypass in the Firefly III OAuth flow may allow malicious users to bypass the MFA-check. This allows malicious users to use password spraying to gain access to Firefly III data using passwords stolen from...

5.9CVSS7.4AI score0.00594EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/06/17 7:39 p.m.34 views

CVE-2024-37893 MFA bypass in oauth flow in Firefly III

Firefly III is a free and open source personal finance manager. In affected versions an MFA bypass in the Firefly III OAuth flow may allow malicious users to bypass the MFA-check. This allows malicious users to use password spraying to gain access to Firefly III data using passwords stolen from...

5.9CVSS0.00594EPSS
Exploits0References3
OSV
OSV
added 2024/06/17 7:39 p.m.6 views

CVE-2024-37893 MFA bypass in oauth flow in Firefly III

Firefly III is a free and open source personal finance manager. In affected versions an MFA bypass in the Firefly III OAuth flow may allow malicious users to bypass the MFA-check. This allows malicious users to use password spraying to gain access to Firefly III data using passwords stolen from...

5.9CVSS7.1AI score0.00594EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/06/17 12:0 a.m.13 views

PT-2024-27815

Name of the Vulnerable Software and Affected Versions Firefly III versions prior to 6.1.17 Description A bypass of the multi-factor authentication MFA check in the Firefly III OAuth flow may allow malicious users to access Firefly III data using passwords stolen from other sources. This can be...

5.9CVSS6AI score0.00594EPSS
Exploits0References9
GithubExploit
GithubExploit
added 2024/06/02 2:15 p.m.988 views

Exploit for Type Confusion in Google Chrome

Chrome Renderer 1day RCE via Type Confusion in Async Stack Tra...

8.8CVSS8.8AI score0.4351EPSS
Exploits1
Rapid7 Blog
Rapid7 Blog
added 2024/05/10 8:12 p.m.45 views

Metasploit Wrap-Up 05/10/2024

Password Spraying support Multiple bruteforce/login scanner modules have been updated to support a PASSWORDSPRAY module option. This work was completed in pull request 19079 from nrathaus as well as an additional update from our developers . When the password spraying option is set, the order of...

7.5CVSS9.3AI score0.99539EPSS
Exploits29
The Hacker News
The Hacker News
added 2024/03/29 12:12 p.m.59 views

TheMoon Botnet Resurfaces, Exploiting EoL Devices to Power Criminal Proxy

A botnet previously considered to be rendered inert has been observed enslaving end-of-life EoL small home/small office SOHO routers and IoT devices to fuel a criminal proxy service called Faceless. "TheMoon, which emerged in 2014, has been operating quietly while growing to over 40,000 bots from...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/03/25 11:37 a.m.32 views

Key Lesson from Microsoft's Password Spray Hack: Secure Every Account

In January 2024, Microsoft discovered they'd been the victim of a hack orchestrated by Russian-state hackers Midnight Blizzard sometimes known as Nobelium. The concerning detail about this case is how easy it was to breach the software giant. It wasn't a highly technical hack that exploited a...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/02/27 10:34 a.m.27 views

Five Eyes Agencies Expose APT29's Evolving Cloud Attack Tactics

Cybersecurity and intelligence agencies from the Five Eyes nations have released a joint advisory detailing the evolving tactics of the Russian state-sponsored threat actor known as APT29. The hacking outfit, also known as BlueBravo, Cloaked Ursa, Cozy Bear, Midnight Blizzard formerly Nobelium, a...

8AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/13 12:0 a.m.412 views

ManageEngine ADManager Plus Recovery Password Disclosure

Exploit Title: ManageEngine ADManager Plus Build 7183 - Recovery Password Disclosure Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.manageengine.com/ Software Link: https://www.manageengine.com/products/ad-manager/ Details:...

6.5CVSS7.1AI score0.05312EPSS
Exploits4
Microsoft Secure
Microsoft Secure
added 2023/12/12 6:0 p.m.30 views

Threat actors misuse OAuth applications to automate financially driven attacks

Threat actors are misusing OAuth applications as an automation tool in financially motivated attacks. OAuth is an open standard for token-based authentication and authorization that enables applications to get access to data and resources based on permissions set by a user. Threat actors compromi...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/10/19 12:13 p.m.15 views

IT administrators’ passwords are awful too

The key is under the doormat by the front door. The administrator password is "admin". These are easy to remember clues when you are providing entrance to someone you trust. The problem is that they are also enormously easy to guess. It’s where we would expect an unwanted visitor to check first,...

7.3AI score
Exploits0
Rows per page
Query Builder