IT - Information Management Today

Large-scale Citrix NetScaler Gateway credential harvesting campaign exploits CVE-2023-3519

Security Affairs

OCTOBER 9, 2023

The attackers exploited the flaw to inject a malicious Javascript into the device “index.html” login page. Then the attackers appended custom HTML code to “index.html” which references a remote JavaScript file hosted on attacker-controlled infrastructure. ” reads the report published by IBM X-Force.

Authentication

Authentication Passwords Cybersecurity Security

Cyber Defense Magazine – September 2020 has arrived. Enjoy it!

Security Affairs

SEPTEMBER 3, 2020

Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – hacking, Cyber Defense Magazine September 2020). The post Cyber Defense Magazine – September 2020 has arrived. appeared first on Security Affairs.

IT

IT Cybersecurity Marketing Information Security

Cyber Defense Magazine – July 2020 has arrived. Enjoy it!

Security Affairs

JULY 2, 2020

Here’s a Yumpu version: www.yumpu.com/en/document/read/63586241/cyber-defense-emagazine-july-2020-edition Enjoy and Thank You for Joining Us! Please visit CYBER DEFENSE TV and watch our latest interviews… We have 80+ NEW INTERVIEWS BEING UPLOADED THIS MONTH!!! Checkout our media kit and reach out to marketing@cyberdefensemagazine.com.

B2C

B2C IT Libraries Information Security

Cyber Defense Magazine – August 2020 has arrived. Enjoy it!

Security Affairs

AUGUST 5, 2020

Here’s a Yumpu version: www.yumpu.com/en/document/view/63770162/cyber-defense-emagazine-august-2020-edition Enjoy and Thank You for Joining Us! Please visit CYBER DEFENSE TV and watch our latest interviews… We have 80+ NEW INTERVIEWS BEING UPLOADED THIS MONTH!!! . Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

B2C

B2C IT Libraries Information Security

Cyber Defense Magazine ? July 2020 has arrived. Enjoy it!

Security Affairs

JUNE 5, 2020

CLICK BELOW FOR PDF FORMAT: PDF FORMAT PLUS OTHER GREAT EBOOKS FOR FREE cyberdefensemagazine.tradepub.com/free/w_cyba94/ CLICK BELOW FOR AN ONLINE & MOBILE FLIPBOOK VERSION: ONLINE & MOBILE VERSION www.cyberdefensemagazine.com/newsletters/june-2020/index.html Enjoy and Thank You for Joining Us! With much appreciation to our sponsors.

B2C

B2C IT Cybersecurity Information Security

WordPress Easy WP SMTP zero-day potentially exposes hundreds of thousands of sites to hack

Security Affairs

DECEMBER 12, 2020

“The plugin’s folder doesn’t have any index.html file, hence, on servers that have directory listing enabled, hackers can find and view the log,” reads the post published by Ninja Technologies Network (NinTechNet). .” The zero-day vulnerability affects WP SMTP 1.4.2 Pierluigi Paganini.

Passwords

Passwords IT Access Security

Monti Ransomware gang launched a new Linux encryptor

Security Affairs

AUGUST 15, 2023

The variant was employed in attacks aimed at organizations in government and legal sectors. The Monti group has been active since June 2022, shortly after the Conti ransomware gang shut down its operations. According to Trend Micro, this variant is quite different from the previous Linux-based version. ” continues the report.

Ransomware

Ransomware Encryption IT Government

Thousands of Citrix servers still vulnerable to CVE-2022-27510 and CVE-2022-27518

Security Affairs

DECEMBER 29, 2022

The experts noticed that there is an MD5 hash-like value in the HTTP body when requesting the URL: /vpn/index.html . Researchers warn of thousands of Citrix Application Delivery Controller (ADC) and Gateway endpoints are still unpatched. CVE-2022-27510 flaw is an authentication bypass using an alternate path or channel.

Cloud

Cloud Authentication Access IT

Hacking iPhone or MacBook devices by tricking into visiting a site

Security Affairs

APRIL 3, 2020

file:///path/to/file/index.html) to fool the browser into changing the domain name using JavaScript. Bad news for Apple iPhone or MacBook users, attackers could hack their device’s camera by tricking them into visiting a website. Pickren reported seven vulnerabilities to Apple that rewarded him with a $75,000 bounty. .

Passwords

Passwords Access Security IT

Phishing campaign aimed at stealing Office 365 logins abuses Google Cloud Services

Security Affairs

JULY 21, 2020

com/asharepoint-unwearied-439052791/index.html, it was designed to trick victims into providing their Office 365 logins or organization e-mail. The attack chains started with a PDF document that was uploaded to Google Drive, and included a link to a phishing page. The phishing page used in this campaign was hosted on storage.googleapis[.]com/asharepoint-unwearied-439052791/index.html,

Phishing

Phishing Cloud e-Discovery Security

ID Numbers for 120 Million Brazilians taxpayers exposed online

Security Affairs

DECEMBER 13, 2018

Experts discovered the file index.html_bkp on the Apache server (likely a backup of the index.html), which caused the web server to display the list of the files and folder stored in that folder and download them. It is not clear how long data remained exposed online or who accessed them. ” continues the report.

Archiving

Archiving Military Security Access

Building Password Purgatory with Cloudflare Pages and Workers

Troy Hunt

MARCH 9, 2022

Creating a GitHub Repo for Pages Everything is going to deploy out of GitHub so I've spun up a public repo called "password-purgatory" under my personal account : Clone it locally, drop in an index.html file with a logo and push it back up. All they have to do first is create a password. Let's get it deployed!

Passwords

Passwords Access IT Cybersecurity

Inside the Cit0Day Breach Collection

Troy Hunt

NOVEMBER 19, 2020

It's increasingly hard to know what to do with data like that from Cit0Day. If that's an unfamiliar name to you, start with Catalin Cimpanu's story on the demise of the service followed by the subsequent leaking of the data. rar files in it whilst the second has a further 8,949.rar rar files giving a grand total of 23,618 files.

Passwords

Passwords Archiving Risk File names

Information Management Today

Large-scale Citrix NetScaler Gateway credential harvesting campaign exploits CVE-2023-3519

Cyber Defense Magazine – September 2020 has arrived. Enjoy it!

Trending Sources

Cyber Defense Magazine – July 2020 has arrived. Enjoy it!

Cyber Defense Magazine – August 2020 has arrived. Enjoy it!

Cyber Defense Magazine ? July 2020 has arrived. Enjoy it!

WordPress Easy WP SMTP zero-day potentially exposes hundreds of thousands of sites to hack

Monti Ransomware gang launched a new Linux encryptor

Thousands of Citrix servers still vulnerable to CVE-2022-27510 and CVE-2022-27518

Hacking iPhone or MacBook devices by tricking into visiting a site

Phishing campaign aimed at stealing Office 365 logins abuses Google Cloud Services

ID Numbers for 120 Million Brazilians taxpayers exposed online

Building Password Purgatory with Cloudflare Pages and Workers

Inside the Cit0Day Breach Collection

Stay Connected