Security
Headlines
HeadlinesLatestCVEs

Tag

#auth

The massive computer outage over the weekend was not a cyber attack, and I’m not sure why we have to keep saying that

Seeing a “blue screen of death,” often with code that looks indecipherable, has been ingrained into our heads that it’s a “hack."

TALOS
#web#windows#microsoft#cisco#git#intel#auth
GHSA-wmx7-pw49-88jx: Craft CMS Allows TOTP Token To Stay Valid After Use

Craft CMS 5 allows reuse of TOTP tokens multiple times within the validity period. ### Impact An attacker is able to re-submit a valid TOTP token to establish an authenticated session. This requires that the attacker has knowledge of the victim's credentials. A TOTP token can be used multiple times to establish an authenticated session. [RFC 6238](https://www.rfc-editor.org/rfc/rfc6238) insists that an OTP must not be used more than once. > The verifier MUST NOT accept the second attempt of the OTP after the successful validation has been issued for the first OTP, which ensures one-time only use of an OTP. The OWASP Application Security Verification Standard v4.0.3 (ASVS) [reiterates this property with requirement 2.8.4](https://github.com/OWASP/ASVS/blob/v4.0.3/4.0/en/0x11-V2-Authentication.md#v28-one-time-verifier). > Verify that time-based OTP can be used only once within the validity period. It should also be noted that the validity period of an TOTP token is 2 minutes. This...

Security Firm Accidentally Hires North Korean Hacker, Did Not KnowBe4

A software engineer hired for an internal IT AI team immediately became an insider threat by loading malware onto his workstation.

GHSA-7726-43hg-m23v: OpenAM FreeMarker template injection

OpenAM is an open access management solution. In versions 15.0.3 and prior, the `getCustomLoginUrlTemplate` method in RealmOAuth2ProviderSettings.java is vulnerable to template injection due to its usage of user input. Although the developer intended to implement a custom URL for handling login to override the default PingOne Advanced Identity Cloud login page,they did not restrict the `CustomLoginUrlTemplate`, allowing it to be set freely. Commit fcb8432aa77d5b2e147624fe954cb150c568e0b8 introduces `TemplateClassResolver.SAFER_RESOLVER` to disable the resolution of commonly exploited classes in FreeMarker template injection. As of time of publication, this fix is expected to be part of version 15.0.4.

North Korean Hackers Shift from Cyber Espionage to Ransomware Attacks

A North Korea-linked threat actor known for its cyber espionage operations has gradually expanded into financially-motivated attacks that involve the deployment of ransomware, setting it apart from other nation-state hacking groups linked to the country. Google-owned Mandiant is tracking the activity cluster under a new moniker APT45, which overlaps with names such as Andariel, Nickel Hyatt,

Is Our Water Safe to Drink? Securing Our Critical Infrastructure

Our critical systems can be protected from looming threats by embracing a proactive approach, investing in education, and fostering collaboration between IT and OT professionals.

Ubuntu Security Notice USN-6914-1

Ubuntu Security Notice 6914-1 - Filip Hejsek discovered that the phpCAS library included in OCS Inventory was using HTTP headers to determine the service URL used to validate tickets. A remote attacker could possibly use this issue to gain access to a victim's account.

Ubuntu Security Notice USN-6913-1

Ubuntu Security Notice 6913-1 - Filip Hejsek discovered that phpCAS was using HTTP headers to determine the service URL used to validate tickets. A remote attacker could possibly use this issue to gain access to a victim's account on a vulnerable CASified service. This security update introduces an incompatible API change. After applying this update, third party applications need to be modified to pass in an additional service base URL argument when constructing the client class.

Prison Management System 1.0 Shell Upload

Prison Management System version 1.0 suffers from an unauthenticated remote shell upload vulnerability.

Red Hat Security Advisory 2024-4829-03

Red Hat Security Advisory 2024-4829-03 - An update for the freeradius:3.0 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.