Tag
#auth
Nathaniel Fick, the ambassador for cyberspace and digital policy, has led US tech diplomacy amid a rising tide of pressure from authoritarian regimes. Will the Trump administration undo that work?
Cybersecurity researchers have found that the Microsoft Active Directory Group Policy that's designed to disable NT LAN Manager (NTLM) v1 can be trivially bypassed by a misconfiguration. "A simple misconfiguration in on-premise applications can override the Group Policy, effectively negating the Group Policy designed to stop NTLMv1 authentications," Silverfort researcher Dor Segal said in a
Seven system recovery programs contained what amounted to a backdoor for injecting any untrusted file into the system startup process.
US president Joe Biden just issued a 40-page executive order that aims to bolster federal cybersecurity protections, directs government use of AI—and takes a swipe at Microsoft’s dominance.
The FBI has announced it's deleted PlugX malware from approximately 4,258 US-based computers and networks.
Ivanti has rolled out security updates to address several security flaws impacting Avalanche, Application Control Engine, and Endpoint Manager (EPM), including four critical bugs that could lead to information disclosure. All the four critical security flaws, rated 9.8 out of 10.0 on the CVSS scale, are rooted in EPM, and concern absolute path traversal flaws that allow a remote unauthenticated
An issue in parse-uri v1.0.9 allows attackers to cause a Regular expression Denial of Service (ReDoS) via a crafted URL.
The Joint Cyber Defense Collaborative playbook seeks to establish a "a unified approach" on how to handle AI-related cybersecurity threats.
### Impact _What kind of vulnerability is it? Who is impacted?_ Remote code execution may be possible in web-accessible installations of Homarus in certain configurations. ### Patches _Has the problem been patched? What versions should users upgrade to?_ The issue has been patched in `islandora/crayfish:4.1.0` ### Workarounds _Is there a way for users to fix or remediate the vulnerability without upgrading?_ The exploit requires making a request against the Homarus's `/convert` endpoint; therefore, the ability to exploit is much reduced if the microservice is not directly accessible from the Internet, so: Prevent general access from the Internet from hitting Homarus. Configure auth in Crayfish to be more strongly required, such that requests with `Authorization` headers that do not validate are rejected before the problematic CLI interpolation occurs. ### References _Are there any links users can visit to find out more?_ - XBOW-024-071
It's an especially brazen form of malvertising, researchers say, striking at the heart of Google's business; the tech giant says it's aware of the issue and is working quickly to address the problem.