2016 and Authentication - Information Management Today

MY TAKE: Businesses gravitate to ‘passwordless’ authentication — widespread consumer use up next

The Last Watchdog

MAY 24, 2022

Perhaps not coincidently, it comes at a time when enterprises have begun adopting passwordless authentication systems in mission-critical parts of their internal operations. Fortifications, such as multi-factor authentication (MFA) and password managers, proved to be mere speed bumps. Coming advances.

Authentication

Authentication Passwords Digital transformation Cloud

SEC Settles With 2 Traders Over EDGAR Hacking Case

Data Breach Today

APRIL 11, 2020

SEC has settled charges against two traders who were accused of profiting from the hacking of an EDGAR server in 2016. The Ukrainian man who allegedly hacked the system by bypassing its authentication control remains at large. Ukrainian Man Behind the Actual Hacking Remains at Large The U.S.

Authentication

Authentication IT

Zendesk 2016 security breach may impact Uber, Slack, and other organizations

Security Affairs

OCTOBER 2, 2019

Zendesk discloses a data breach that took place in 2016 when a hacker accessed data of 10,000 users, including passwords, emails, names, and phone numbers. In 2016, customer service software company Zendesk suffered a security breach that exposed data of 10,000 users, including passwords, emails, names, and phone numbers.

Security

Security Passwords Data breaches Authentication

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

DigiCert Snags Longtime Zscaler Executive Amit Sinha as CEO

Data Breach Today

OCTOBER 19, 2022

Zscaler President Sinha Replaces John Merrill, Who Led DigiCert From 2016 to 2022 Certificate heavyweight DigiCert has landed Zscaler second-in-command Amit Sinha as its new leader and tasked him with boosting trust around connected device and user authentication.

Authentication

Authentication IT

Phorpiex botnet sent millions of phishing emails to deliver LockBit Black ransomware

Security Affairs

MAY 13, 2024

Password Management : Use strong, unique passwords and implement multi-factor authentication (MFA) whenever possible, prioritizing authentication apps or hardware tokens over SMS text-based codes. Reference the provided resources for establishing DMARC authentication.

Phishing

Phishing Ransomware Security awareness Authentication

FCA fines Tesco Bank £16.4m over 2016 cyber attack

Security Affairs

OCTOBER 2, 2018

as part of a settlement with the Financial Conduct Authority following the 2016 security breach. fine to Tesco Bank for the vulnerabilities in its systems that were exploited by hackers to steal millions of pounds from customers’ online accounts in 2016. Configure specific authentication and fraud detection rules.

Risk

Risk Authentication Marketing Security

Microsoft rolled out emergency updates to fix Windows Server auth failures

Security Affairs

NOVEMBER 15, 2021

Microsoft has released out-of-band security updates to address authentication issues affecting Windows Server. Microsoft has released out-of-band updates to fix authentication failures related to Kerberos delegation scenarios impacting Domain Controllers (DC) running Windows Server.

Authentication

Authentication Security IT Information Security

DEA Investigating Breach of Law Enforcement Data Portal

Krebs on Security

MAY 12, 2022

A document published by the Obama administration in May 2016 (PDF) says the DEA’s El Paso Intelligence Center (EPIC) systems in Texas are available for use by federal, state, local and tribal law enforcement, as well as the Department of Defense and intelligence community. .

Authentication

Authentication Passwords Government Access

New Version of Meduza Stealer Released in Dark Web

Security Affairs

DECEMBER 29, 2023

Presently, Meduza password stealer supports Windows Server 2012/2016/2019/2022 and Windows 10/11. The product has been originally emerged at XSS underground forum, and later received positive feedback on other well-established communities including Exploit.

Passwords

Passwords Authentication Data collection Privacy

Fortinet warns of a spike in attacks against TBK DVR devices

Security Affairs

MAY 2, 2023

FortiGuard Labs researchers observed a worrisome level of attacks attempting to exploit an authentication bypass vulnerability in TBK DVR devices. Threat actors are attempting to exploit a five-year-old authentication bypass issue, tracked as CVE-2018-9995 (CVSS score of 9.8), in TBK DVR devices. in MVPower CCTV DVR models.

Authentication

Authentication Retail Education Marketing

CNIL Fines Uber for Data Security Failure Related to 2016 Data Breach

Hunton Privacy

DECEMBER 27, 2018

for failure to implement some basic security measures that made possible the 2016 Uber data breach. published an article on its website revealing that two external individuals had accessed the personal data of 57 million Uber riders and drivers worldwide at the end of 2016. and Uber Technologies Inc., Background. and Uber B.V.

Data breaches

Data breaches Personal data Security Access

German BSI warns of 17,000 unpatched Microsoft Exchange servers

Security Affairs

MARCH 30, 2024

12 percent of the listed servers are running a version of Exchange Server that is no longer supported, and around 25 percent of all servers use current versions of Exchange 2016 and 2019 that lack of security patches. “Around 45,000 Microsoft Exchange servers in Germany can currently be accessed from the Internet without restrictions.

Information Security

Information Security Cybersecurity Education Authentication

FBI Warns of ‘Unlimited’ ATM Cashout Blitz

Krebs on Security

AUGUST 12, 2018

million from accounts at the National Bank of Blacksburg in two separate ATM cashouts between May 2016 and January 2017. The 2016 unlimited operation against National Bank began Saturday, May 28, 2016 and continued through the following Monday. All told, the attackers managed to siphon almost $570,000 in the 2016 attack.

Phishing

Phishing Authentication Retail Encryption

Microsoft recommends Exchange admins to disable the SMBv1 protocol

Security Affairs

FEBRUARY 13, 2020

. “To make sure that your Exchange organization is better protected against the latest threats (for example Emotet, TrickBot or WannaCry to name a few) we recommend disabling SMBv1 if it’s enabled on your Exchange (2013/2016/2019) server.” It also provides an authenticated inter-process communication mechanism.

Authentication

Authentication Communications Encryption IT

CISA adds Apache Superset bug to its Known Exploited Vulnerabilities catalog

Security Affairs

JANUARY 9, 2024

Apache Superset contains an insecure default initialization of a resource vulnerability that allows an attacker to authenticate and access unauthorized resources on installations that have not altered the default configured SECRET_KEY according to installation instructions. Improper Access Control Vulnerability CVE-2023-23752.

IT

IT Cybersecurity Authentication Ransomware

Fat Patch Tuesday, February 2024 Edition

Krebs on Security

FEBRUARY 13, 2024

” Microsoft notes that prior to its Exchange Server 2019 Cumulative Update 14 (CU14), a security feature called Extended Protection for Authentication (EPA), which provides NTLM credential relay protections, was not enabled by default.

Phishing

Phishing Authentication Security IT

Obtaining password hashes of Windows systems with PetitPotam attack

Security Affairs

JULY 23, 2021

Security researcher Gilles Lionel (aka Topotam ) has discovered a vulnerability in the Windows operating system that allows an attacker to force remote Windows machines to authenticate and share their password hashes with him. “PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw function.

Passwords

Passwords Authentication Encryption Access

PoC exploit code for ProxyNotShell Microsoft Exchange bugs released online

Security Affairs

NOVEMBER 20, 2022

they impact Exchange Server 2013, 2016, and 2019, an authenticated attacker can trigger them to elevate privileges to run PowerShell in the context of the system and gain arbitrary or remote code execution on vulnerable servers. The two flaws are: CVE-2022-41040 – Microsoft Exchange Server Elevation of Privilege Vulnerability.

Authentication

Authentication Cybersecurity Security IT

Expert released PoC exploit code for Microsoft Exchange CVE-2021-42321 RCE bug

Security Affairs

NOVEMBER 23, 2021

Microsoft pointed out that the flaw can be exploited only by an authenticated attacker. Microsoft addressed the flaw with the release of Microsoft Patch Tuesday security updates for November 2021 , the vulnerability impacts on-premises Exchange Server 2016 and Exchange Server 2019. “We read the announcement published by Microsoft.

Authentication

Authentication Security IT Information Security

Vulnerability Recap 4/1/24: Cisco, Fortinet & Windows Server Updates

eSecurity Planet

APRIL 1, 2024

When either on-premise or cloud-based Active Directory domain controllers process Kerberos authentication requests, the leak causes the LSASS process to stop responding and the domain controller will unexpectedly restart. Oglio tracks vulnerability CVE-2023-48022 , rated CVSS 9.8 (out out of 10), and calls it Shadow Ray.

Libraries

Libraries Authentication Artificial Intelligence Cloud

Microsoft Exchange zero-day and exploit could allow anyone to be an admin

Security Affairs

JANUARY 25, 2019

“Recently I came across a blog from the ZDI, in which they detail a way to let Exchange authenticate to attackers using NTLM over HTTP. Mollema demonstrated that it’s possible to transfer automatic Windows authentication by connecting a machine on the network to a machine under the control of the attacker.

Authentication

Authentication Passwords Access Security

Microsoft publishes mitigations for the PetitPotam attack

Security Affairs

JULY 26, 2021

A few days ago, security researcher Gilles Lionel (aka Topotam ) has discovered a vulnerability in the Windows operating system that allows an attacker to force remote Windows machines to authenticate and share their password hashes with him. Lionel also published a proof-of-concept (PoC) exploit code on GitHub. are most exposed.

Authentication

Authentication Passwords Encryption Security

FBI Arrests Alleged Owner of Deer.io, a Top Broker of Stolen Accounts

Krebs on Security

MARCH 10, 2020

Firsov also tweeted about competing in and winning several “capture the flag” hacking competitions, including the 2016 and 2017 CTF challenges at Positive Hack Days (PHDays), an annual security conference in Moscow. Isis’ profile on antichat. ” A Google Translate version of that advertisement is here (PDF).

Sales

Sales Passwords Authentication Security

Counting Down to the EU NIS2 Directive

Thales Cloud Protection & Licensing

MAY 22, 2024

Evolving from NIS to NIS2 Initially adopted in 2016, the original Network and Information Security Directive (NIS) relied heavily on the discretion of individual member states and lacked accountability. Multi-factor authentication or continuous authentication solutions. They start enforcing those measures the very next day.

Compliance

Compliance Authentication Healthcare Cybersecurity

The Unsexy Threat to Election Security

Krebs on Security

JULY 25, 2019

The report notes that concerns about the security of these channels is hardly theoretical: In 2010, intruders hijacked ACRE’s election results Web page, and in 2016, cyber thieves successfully breached several county employee email accounts in a spear-phishing attack. Public confidence is at stake, even if the vote itself is secure.”

Security

Security Authentication Passwords Manufacturing

Microsoft Patch Tuesday, February 2022 Edition

Krebs on Security

FEBRUARY 8, 2022

Among those is CVE-2022-22005 , a weakness in Microsoft’s Sharepoint Server versions 2013-2019 that could be exploited by any authenticated user. “However, given the number of stolen credentials readily available on underground markets, getting authenticated could be trivial. .

Authentication

Authentication Systems administration Ransomware Marketing

Over 61% of Exchange servers vulnerable to CVE-2020-0688 attacks

Security Affairs

SEPTEMBER 30, 2020

Knowledge of a the validation key allows an authenticated user with a mailbox to pass arbitrary objects to be deserialized by the web application, which runs as SYSTEM.” A remote, authenticated attacker could exploit the CVE-2020-0688 vulnerability to execute arbitrary code with SYSTEM privileges on a server and take full control.

Authentication

Authentication Cybersecurity Risk Security

MY TAKE: What NortonLifeLock’s $8 billion buyout of Avast portends for consumer security

The Last Watchdog

AUGUST 18, 2021

billion in 2016, for instance. There are simple steps consumers can take today, for free, to lower their overall risk of a cyber attack, including using multi-factor authentication for their accounts and using strong passwords. A lot of water has flowed under the bridge since then. billion in 2017; Avast acquired AVG for $1.3

Security

Security Marketing Privacy Personal data

Microsoft: Chinese Cyberspies Used 4 Exchange Server Flaws to Plunder Emails

Krebs on Security

MARCH 2, 2021

The patches released today fix security problems in Microsoft Exchange Server 2013 , 2016 and 2019. The software giant typically releases security updates on the second Tuesday of each month, but it occasionally deviates from that schedule when addressing active attacks that target newly identified and serious vulnerabilities in its products.

Education

Education Access Authentication Communications

Microsoft confirms Exchange zero-day flaws actively exploited in the wild

Security Affairs

OCTOBER 1, 2022

The IT giant has promptly started the investigation into the two zero-day vulnerabilities that impacts Microsoft Exchange Server 2013, 2016, and 2019. Successful exploitation of the CVE-2022-41040 can allow an authenticated attacker to remotely trigger CVE-2022-41082. . ” reads the advisory published by Microsoft.

Authentication

Authentication Cybersecurity Access Risk

Microsoft Patches ‘Wormable’ Flaw in Windows XP, 7 and Windows 2003

Krebs on Security

MAY 14, 2019

“This vulnerability is pre-authentication and requires no user interaction,” Pope said. CVE-2019-0708 does not affect Microsoft’s latest operating systems — Windows 10 , Windows 8.1 , Windows 8 , Windows Server 2019 , Windows Server 2016 , Windows Server 2012 R2 , or Windows Server 2012.

Ransomware

Ransomware Authentication Security IT

Zyxel 0day Affects its Firewall Products, Too

Krebs on Security

FEBRUARY 26, 2020

.” Indeed, while the exploit also works against more than a dozen of Zyxel’s NAS product lines, the company only released updates for NAS products that were newer than 2016. Its advice for those still using those unsupported NAS devices? “Do not leave the product directly exposed to the internet.

IT

IT Sales Ransomware IoT

Microsoft: Two New 0-Day Flaws in Exchange Server

Krebs on Security

OCTOBER 1, 2022

In customer guidance released Thursday, Microsoft said it is investigating two reported zero-day flaws affecting Microsoft Exchange Server 2013, 2016, and 2019.

Passwords

Passwords Phishing Authentication Access

Social Blade discloses security breach

Security Affairs

DECEMBER 16, 2022

The exposed data include email addresses, password hashes, client IDs, IP addresses, and tokens for business API users, authentication tokens for connected accounts, and non-personal and internal data was compromised. Looking for 1-2 sales then thread will be deleted.” ” reads the announcement. Pierluigi Paganini.

Security

Security Sales Data breaches Analytics

New Mirai variant includes exploit for a flaw in Comtrend Routers

Security Affairs

JULY 14, 2020

The Mirai botnet was first discovered in August 2016 by the MalwareMustDie researcher Mirai source code , two months later its source code was leaked online. Since 2016, security experts have discovered numerous variants of the Mirai botnet such as Masuta , Okiru , Satori , Mukashi , SORA , and Tsunami.

IoT

IoT Authentication Security IT

Nine Charged in Alleged SIM Swapping Ring

Krebs on Security

MAY 10, 2019

.” In December 2016, KrebsOnSecurity heard from a woman who had her Gmail, Instagram, Facebook and LinkedIn accounts hijacked after a group of individuals led by Forza taunted her on Twitter as they took over her phone account. “@forzathegod had the audacity to even tweet me to say I was about to be hacked.”

Personal data

Personal data Authentication Passwords Government

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

Krebs on Security

FEBRUARY 8, 2021

“Universal Admin,” is crimeware platform that first surfaced in 2016. Perhaps the biggest selling point for U-Admin is a module that helps phishers intercept multi-factor authentication codes. Qbot) — to harvest one-time codes needed for multi-factor authentication. ” U-Admin, a.k.a.

Phishing

Phishing Authentication Archiving Cybersecurity

Google is going to block logins from embedded browsers against MitM phishing attacks

Security Affairs

APRIL 20, 2019

Phishing attacks carried out by injecting malicious content in legitimate traffic are difficult to detect when attackers use an embedded browser framework or any other automated tool for authentication. Chromium Embedded Framework – CEF) or another automation platform is being used for authentication. . Pierluigi Paganini.

Phishing

Phishing Authentication Communications Access

GUEST ESSAY: The privacy implications of facial recognition systems rising to the fore

The Last Watchdog

NOVEMBER 19, 2018

A string of advances in biometric authentication systems has brought facial recognition systems, in particular, to the brink of wide commercial use. According to Allied Market Research, the facial recognition systems market is in the midst of rising at a compounded annual growth rate of 21% between 2016 to 2022. billion by 2022.

Privacy

Privacy Authentication Marketing Retail

Microsoft Patch Tuesday security updates for November 2021 fix 2 Zero-Days actively exploited

Security Affairs

NOVEMBER 9, 2021

“We are aware of limited targeted attacks in the wild using one of vulnerabilities ( CVE-2021-42321 ), which is a post-authentication vulnerability in Exchange 2016 and 2019. Microsoft pointed out that the flaw can be exploited only by an authenticated attacker. ” read the announcement published by Microsoft.

Security

Security Authentication IT Information Security

Most organizations have yet to fix CVE-2020-0688 Microsoft Exchange flaw

Security Affairs

MARCH 16, 2020

Knowledge of a the validation key allows an authenticated user with a mailbox to pass arbitrary objects to be deserialized by the web application, which runs as SYSTEM.” A remote, authenticated attacker could exploit the CVE-2020-0688 vulnerability to execute arbitrary code with SYSTEM privileges on a server and take full control.

Authentication

Authentication Access Security Cybersecurity

Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

Security Affairs

DECEMBER 5, 2023

The group was involved also in the string of attacks that targeted 2016 Presidential election. The vulnerability is a Microsoft Outlook spoofing vulnerability that can lead to an authentication bypass.

Military

Military Government Phishing Access

Microsoft Patch Tuesday, Sept. 2020 Edition

Krebs on Security

SEPTEMBER 8, 2020

Among the chief concerns for enterprises this month is CVE-2020-16875 , which involves a critical flaw in the email software Microsoft Exchange Server 2016 and 2019. “We have seen the previously patched Exchange bug CVE-2020-0688 used in the wild, and that requires authentication. . We’ll likely see this one in the wild soon.

Authentication

Authentication Security Ransomware IT

Email Provider VFEmail Suffers ‘Catastrophic’ Hack

Krebs on Security

FEBRUARY 12, 2019

VFEmail’s Twitter account responded that “external facing systems, of differing OS’s and remote authentication, in multiple data centers are down.” Strangely, not all VMs shared the same authentication, but all were destroyed. The first signs of the attack came on the morning of Feb. Just attack and destroy.”

Authentication

Authentication Ransomware Passwords IT

MY TAKE: Businesses gravitate to ‘passwordless’ authentication — widespread consumer use up next

SEC Settles With 2 Traders Over EDGAR Hacking Case

Webinars

Trending Sources

Zendesk 2016 security breach may impact Uber, Slack, and other organizations

Webinars

DigiCert Snags Longtime Zscaler Executive Amit Sinha as CEO

Phorpiex botnet sent millions of phishing emails to deliver LockBit Black ransomware

FCA fines Tesco Bank £16.4m over 2016 cyber attack

Microsoft rolled out emergency updates to fix Windows Server auth failures

DEA Investigating Breach of Law Enforcement Data Portal

New Version of Meduza Stealer Released in Dark Web

Fortinet warns of a spike in attacks against TBK DVR devices

CNIL Fines Uber for Data Security Failure Related to 2016 Data Breach

German BSI warns of 17,000 unpatched Microsoft Exchange servers

FBI Warns of ‘Unlimited’ ATM Cashout Blitz

Microsoft recommends Exchange admins to disable the SMBv1 protocol

CISA adds Apache Superset bug to its Known Exploited Vulnerabilities catalog

Fat Patch Tuesday, February 2024 Edition

Obtaining password hashes of Windows systems with PetitPotam attack

PoC exploit code for ProxyNotShell Microsoft Exchange bugs released online

Expert released PoC exploit code for Microsoft Exchange CVE-2021-42321 RCE bug

Vulnerability Recap 4/1/24: Cisco, Fortinet & Windows Server Updates

Microsoft Exchange zero-day and exploit could allow anyone to be an admin

Microsoft publishes mitigations for the PetitPotam attack

FBI Arrests Alleged Owner of Deer.io, a Top Broker of Stolen Accounts

Counting Down to the EU NIS2 Directive

The Unsexy Threat to Election Security

Microsoft Patch Tuesday, February 2022 Edition

Over 61% of Exchange servers vulnerable to CVE-2020-0688 attacks

MY TAKE: What NortonLifeLock’s $8 billion buyout of Avast portends for consumer security

Microsoft: Chinese Cyberspies Used 4 Exchange Server Flaws to Plunder Emails

Microsoft confirms Exchange zero-day flaws actively exploited in the wild

Microsoft Patches ‘Wormable’ Flaw in Windows XP, 7 and Windows 2003

Zyxel 0day Affects its Firewall Products, Too

Microsoft: Two New 0-Day Flaws in Exchange Server

Social Blade discloses security breach

New Mirai variant includes exploit for a flaw in Comtrend Routers

Nine Charged in Alleged SIM Swapping Ring

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

Google is going to block logins from embedded browsers against MitM phishing attacks

GUEST ESSAY: The privacy implications of facial recognition systems rising to the fore

Microsoft Patch Tuesday security updates for November 2021 fix 2 Zero-Days actively exploited

Most organizations have yet to fix CVE-2020-0688 Microsoft Exchange flaw

Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

Microsoft Patch Tuesday, Sept. 2020 Edition

Email Provider VFEmail Suffers ‘Catastrophic’ Hack

Stay Connected