Security Affairs

APRIL 9, 2024

Most of the Internet-facing devices are in South Korea, Hong Kong, the U.S., Sweden, and Finland. running on LG43UM7000PLA webOS 5.5.0 – 04.50.51 running on OLED55CXPUA webOS 6.3.3-442 442 (kisscurl-kinglake) – 03.36.50 running on OLED48C1PUB webOS 7.3.1-43 43 (mullet-mebin) – 03.33.85 running on OLED55CXPUA webOS 6.3.3-442

Authentication 123

Authentication Libraries Access Information Security 123

Security Affairs

APRIL 2, 2024

Researchers from the firmware security firm Binarly released a free online scanner to detect the CVE-2024-3094 Backdoor Last week, Microsoft engineer Andres Freund discovered a backdoor issue in the latest versions of the “xz” tools and libraries. The malicious build interferes with the authentication in sshd through systemd.

Authentication 117

Authentication Libraries Access Security 117

Security Affairs

JANUARY 12, 2024

In December, experts warned of an authentication bypass zero-day flaw that affects Apache OfBiz, an open-source Enterprise Resource Planning (ERP) system. An attacker can trigger the vulnerability, tracked as CVE-2023-51467 , to bypass authentication to achieve a simple Server-Side Request Forgery (SSRF). in the Apache OfBiz.

Honeypots 125

Honeypots Authentication Libraries Passwords 125

Security Affairs

JULY 24, 2023

The ssh-agent is a program that caches private keys for SSH public key authentication, reducing the need for regular passphrase input. The vulnerability can be exploited only if certain libraries are installed on systems running the vulnerable versions and the SSH authentication agent is forwarded to an attacker-controlled system.

Libraries 89

Libraries Authentication Encryption Communications 89

Security Affairs

NOVEMBER 15, 2022

The issue can be exploited by triggering a recently disclosed VM sandbox escape vulnerability (CVE-2022-36067 aka Sandbreak) in the vm2 third-party library. The researchers explained that the template engine utilizes the vm2 library to prevent the execution of untrusted code. ” reads the advisory published by Oxeye.

Libraries 108

Libraries Authentication Paper Risk 108

Security Affairs

SEPTEMBER 6, 2023

The attackers forged authentication tokens to access user email using an acquired Microsoft account (MSA) consumer signing key.

Authentication 107

Authentication Libraries Access Government 107

Security Affairs

MARCH 8, 2024

Cisco Secure Client is a security tool developed by Cisco that provides VPN (Virtual Private Network) access and Zero Trust Network Access (ZTNA) support along with security and monitoring capabilities. resides in the ISE Posture (System Scan) module of Cisco Secure Client for Linux. ” reads the advisory.

Security 92

Security IT Authentication Libraries 92

Security Affairs

JULY 7, 2022

“Unlike other threats that hijack shared libraries by modifying the environment variable LD_PRELOAD, this malware uses 2 different ways to load the malicious library. “The shared object hooks functions from 3 libraries: libc, libcap and Pluggable Authentication Module (PAM). ” continues the experts.

Libraries 123

Libraries Cybersecurity Authentication Access 123

Security Affairs

DECEMBER 17, 2023

“Today we experienced an exploit on the Ledger Connect Kit, a Javascript library that implements a button allowing users to connect their Ledger device to third party DApps (wallet-connected Web sites). ” The initial observation suggests that the account probably did not have Multi-Factor Authentication (MFA) enabled.

Phishing 116

Phishing Libraries Authentication Access 116

Security Affairs

NOVEMBER 2, 2022

The OpenSSL project fixed two high-severity flaws in its cryptography library that can trigger a DoS condition or achieve remote code execution. The OpenSSL project has issued security updates to address a couple of high-severity vulnerabilities, tracked as CVE-2022-3602 and CVE-2022-3786 , in its cryptography library.

Libraries 104

Libraries Encryption Authentication Communications 104

Security Affairs

DECEMBER 12, 2021

Immediately after the disclosure of the Log4Shell flaw in Log4j library threat actors started including the exploit code in Linux botnets. Researchers at NetLab 360 reported that their Anglerfish and Apacket honeypots were already hit by attacks attempting to trigger the Log4Shell flaw in the Log4j library.

Honeypots 136

Honeypots Libraries Passwords Authentication 136

The Security Ledger

DECEMBER 29, 2021

In this episode of the podcast (#233) Mark Stanislav, a Vice President at the firm Gemini, joins Paul to talk about what went wrong with disclosure of Log4Shell, the critical, remote code execution flaw in the Log4j open source library. Mark Stanislav is a VP of Information Security at Gemini. Read the whole entry. »

Libraries 98

Libraries Agriculture Risk Authentication 98

Security Affairs

APRIL 22, 2023

PaperCut MF/NG contains an improper access control vulnerability within the SetupCompleted class that allows authentication bypass and code execution in the context of system. The vulnerability is an Integer overflow in the Skia graphics library, the issue was reported by Clément Lecigne of Google’s Threat Analysis Group on April 12, 2023.

IT 90

IT Libraries Cybersecurity Education 90

Security Affairs

SEPTEMBER 1, 2022

This finding suggests a potential supply chain vulnerability, these AWS access tokens are often exposed through shared library, third-party SDK, or other shared components used by the development teams. “The credentials could expose private authentication data and keys belonging to every banking and financial app using the SDK.

Cloud 95

Cloud Authentication B2B Libraries 95

Security Affairs

JANUARY 28, 2024

The open-source software uses the args4j library to parse CLI command arguments and options on the Jenkins controller. The vulnerability was reported by the researcher Yaniv Nizry from Sonar who wrote a detailed analysis of the issue.

Libraries 125

Libraries Authentication IT Access 125

Security Affairs

JULY 2, 2022

The unauthenticated remote code execution vulnerability was discovered by security researcher Naveen Sunkavally at Horizon3.ai The issue was discovered while investigating an endpoint managed by the CewolfRenderer servlet in the third-party Cewolf charting library. ai and addressed by the vendor in March.

Libraries 98

Libraries Authentication Security Access 98

Security Affairs

NOVEMBER 2, 2022

These legitimate-looking emails directed employees to visit a fake CircleCI login page, enter their GitHub username and password, and then use their hardware authentication key to pass a One Time Password (OTP) to the malicious site.” ” reads the advisory published by the company.

Access 119

Access Phishing Passwords Authentication 119

IT Governance

FEBRUARY 14, 2023

These are the three components of the CIA triad, an information security model designed to protect sensitive information from data breaches. The CIA triad is a widely accepted principle within the industry, and is used in ISO 27001 , the international standard for information security management.

IT 106

IT Risk GDPR Information Security 106

Security Affairs

DECEMBER 30, 2022

Below are the vulnerabilities added to the catalog: CVE-2018-5430 – TIBCO JasperReports Server contains a vulnerability that may allow any authenticated user read-only access to the contents of the web application, including key configuration files.

IT 87

IT Libraries Authentication Access 87

Security Affairs

DECEMBER 4, 2020

Hundreds of millions of Android users are potentially exposed to the risk of hack due to the use of Android Play Core Library versions vulnerable to CVE-2020-8913. The CVE-2020-8913 flaw is a local, arbitrary code execution vulnerability that resides exists in the SplitCompat.install endpoint in Android’s Play Core Library.

Libraries 106

Libraries e-Delivery Risk Passwords 106

IT Governance

NOVEMBER 6, 2023

Library branches remain open, Wi-Fi is still available and materials can still be borrowed. Records breached: According to the library’s 4 November update , there is “no evidence that the personal information of our staff or customers has been compromised”. However, public computers and printing services are unavailable.

Data Privacy 87

Data Privacy Privacy Libraries Security 87

Security Affairs

SEPTEMBER 24, 2020

The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon requests, and it registers, authenticates, and locates Domain Controllers. The CVE-2020-1472 flaw is an elevation of privilege that resides in the Netlogon.

Authentication 127

Authentication Passwords Libraries Analytics 127

Security Affairs

JULY 25, 2023

According to the advisory, the vulnerabilities were reported to the company via its bug bounty and pen-testing processes, as well as 3rd party library scans. An authenticated attacker can trigger the issue to modify the actions taken by a system call and execute arbitrary code without any user interaction. of Bamboo Data Center.

Libraries 87

Libraries Authentication Security IT 87

Security Affairs

JUNE 26, 2023

In September 2021, Zoho released a security patch to address an authentication bypass vulnerability, tracked as CVE-2021-40539, in its ManageEngine ADSelfService Plus. The company also warned the vulnerability was exploited in attacks in the wild. ” concludes the report.

Cleanup 80

Cleanup Libraries Access Manufacturing 80

Security Affairs

DECEMBER 31, 2021

Below is the list of flaws discovered by the researchers: CVE-2021-20173 : Post Authentication Command Injection via SOAP Interface. Researchers discovered multiple instances of known vulnerable jQuery libraries (such as jquery 1.4.2), for this reason, they are urging to update them to the latest available versions.

Communications 123

Communications Libraries Encryption Passwords 123

Security Affairs

MARCH 23, 2020

Microsoft warns of hackers actively exploiting two zero-day remote code execution vulnerabilities in Windows Adobe Type Manager Library. Microsoft warns of hackers exploiting two zero-day remote code execution (RCE) vulnerabilities in the Windows Adobe Type Manager Library, both issues impact all supported versions of Windows.

Libraries 92

Libraries Risk Authentication Security 92

Security Affairs

MAY 29, 2023

The recipients can read the encrypted messages only after being authenticated with their Microsoft account or obtaining a one-time passcode. Once authenticated with the Microsoft service, the recipients are redirected to a page displaying the attackers’ phishing email.

Encryption 91

Encryption Phishing Authentication Libraries 91

Security Affairs

AUGUST 26, 2021

Threat actors are targeting Pulse Connect Secure VPN devices exploiting multiple flaws, including CVE-2021-22893 and CVE-2021-22937. CVE-2021-22893 is a buffer overflow issue in Pulse Connect Secure Collaboration Suite prior b9.1R11.4 One file is designed to intercept certificate-based multi-factor authentication.

Security 127

Security Authentication Libraries Passwords 127

Security Affairs

MARCH 7, 2023

The issue, tracked as CVE-2020-5741 (CVSS score: 7.2), can be exploited by a remote, authenticated attacker to execute arbitrary Python code. “We have recently been made aware of a security vulnerability related to Plex Media Server. ” reads the advisory published by Plex.

Data breaches 98

Data breaches Passwords Libraries Authentication 98

Security Affairs

MAY 25, 2021

A flaw in Pulse Connect Secure VPN could allow an authenticated remote attacker to execute arbitrary code with elevated privileges. Ivanti addressed a high severity Buffer Overflow vulnerability in Secure VPN appliances that could allow a remote authenticated attacker to execute arbitrary code with elevated privileges.

Security 99

Security Authentication Libraries Access 99

Security Affairs

JANUARY 22, 2021

The experts discovered that Amazon did not verify the authenticity of the email sender, this means that attackers can spoof an email address that is present in the list of approved addresses. ” continues the post. “To test this, I used an email spoofing service to spoof an email message and send an e-book to my device.

Authentication 134

Authentication Libraries Phishing Security 134

Security Affairs

MARCH 29, 2023

The expert discovered the vulnerability while analyzing the requests that handle ChatGPT’s authentication flow. The researcher Ayoub Fathi discovered that it is possible to bypass authentication targeting another ChatGPT API. An attacker can exploit this bypass technique to access to a user’s conversation titles.

Libraries 84

Libraries Authentication Access IT 84

Security Affairs

JUNE 29, 2022

Researchers detailed a new information-stealing malware, dubbed YTStealer, that targets YouTube content creators. Intezer cybersecurity researchers have detailed a new information-stealing malware, dubbed YTStealer, that was developed to steal authentication cookies from YouTube content creators.

Authentication 97

Authentication Libraries Encryption Marketing 97

Security Affairs

MARCH 13, 2023

When targeting FTP services, the malware checks for open port 21, and then attempts to authenticate using the Goftp library, which is an FTP client package for Golang. For MySQL and Postgres services, the malware scans for open ports 3306 and 5432, then pings the host’s database with a certain username and password.

Passwords 97

Passwords Libraries Authentication Communications 97

Security Affairs

SEPTEMBER 14, 2020

The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon requests, and it registers, authenticates, and locates Domain Controllers. The CVE-2020-1472 flaw is an elevation of privilege that resides in the Netlogon. published a detailed analysis of the flaw.

Authentication 89

Authentication Passwords Libraries Paper 89

Security Affairs

MAY 6, 2023

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security 94

Security Libraries Data breaches Ransomware 94

Security Affairs

NOVEMBER 20, 2023

The Rhysida ransomware group claimed responsibility for the recent cyberattack on the British Library that has caused a major IT outage. The Rhysida ransomware gang added the British Library to the list of victims on its Tor leak site. It is one of the largest libraries in the world. ” reads the announcement.

Libraries 113

Libraries Ransomware Manufacturing Education 113