#auth

Chinese state-backed hackers broke into a computer network that's used by the Dutch armed forces by targeting Fortinet FortiGate devices. "This [computer network] was used for unclassified research and development (R&D)," the Dutch Military Intelligence and Security Service (MIVD) said in a statement. "Because this system was self-contained, it did not lead to any damage to the

JetBrains is alerting customers of a critical security flaw in its TeamCity On-Premises continuous integration and continuous deployment (CI/CD) software that could be exploited by threat actors to take over susceptible instances. The vulnerability, tracked as CVE-2024-23917, carries a CVSS rating of 9.8 out of 10, indicative of its severity. "The vulnerability may enable an unauthenticated

By Deeba Ahmed Zero-Day Nightmare: CVE-2024-21893 Exploits Surge in Attacks on Ivanti Products. This is a post from HackRead.com Read the original post: Chained Exploits, Stolen VPN Access: Hackers Target Ivanti Users Despite Patches

By Deeba Ahmed So far, the gang has mostly targeted job seekers in the APAC (Asia Pacific) region. This is a post from HackRead.com Read the original post: New ResumeLooters Gang Targets Job Seekers, Steals Millions of Resumes

The State of Malware 2024 report covers some topics that are of special interest to home users: privacy, passwords, malvertising, banking Trojans, and Mac malware.

Three new security vulnerabilities have been discovered in Azure HDInsight's Apache Hadoop, Kafka, and Spark services that could be exploited to achieve privilege escalation and a regular expression denial-of-service (ReDoS) condition. "The new vulnerabilities affect any authenticated user of Azure HDInsight services such as Apache Ambari and Apache Oozie," Orca security

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Exploitable locally Vendor: HID Global Equipment: iCLASS SE, OMNIKEY Vulnerability: Improper Authorization 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to read data from reader configuration cards and credentials. Reader configuration cards contain credential and device administration keys which could be used to create malicious configuration cards or credentials. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following HID products are affected when configured as an encoder: iCLASS SE CP1000 Encoder: All versions iCLASS SE Readers: All versions iCLASS SE Reader Modules: All versions iCLASS SE Processors: All versions OMNIKEY 5427CK Readers: All versions OMNIKEY 5127CK Readers: All versions OMNIKEY 5023 Readers: All versions OMNIKEY 5027 Readers: All versions 3.2 Vulnerability Overview 3.2.1 IMPROPER AUTHORIZATION CWE-285 Certain configuration available in the communication channel for enc...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Low attack complexity Vendor: HID Global Equipment: Reader Configuration Cards Vulnerability: Improper Authorization 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to read the credential and device administration keys from a configuration card. Those keys could be used to create malicious configuration cards or credentials. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following HID products are affected: HID iCLASS SE reader configuration cards: All versions OMNIKEY Secure Elements reader configuration cards: All versions 3.2 Vulnerability Overview 3.2.1 IMPROPER AUTHORIZATION CWE-285 Sensitive data can be extracted from HID iCLASS SE reader configuration cards. This could include credential and device administrator keys. CVE-2024-23806 has been assigned to this vulnerability. A CVSS v3.1 base score of 5.3 has been calculated; the CVSS vector string is (AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N)...

You’ve probably heard the phrase, “Attackers don’t hack anyone these days. They log on.” In this blog, we describe the various tools and techniques bad actors are using to steal credentials so they can 'log on' with valid account details, and outline our recommendations for defense.

A recently disclosed server-side request forgery (SSRF) vulnerability impacting Ivanti Connect Secure and Policy Secure products has come under mass exploitation. The Shadowserver Foundation said it observed exploitation attempts originating from more than 170 unique IP addresses that aim to establish a reverse shell, among others. The attacks exploit CVE-2024-21893 (CVSS