#auth

Attackers are weaponizing an old Microsoft Office vulnerability as part of phishing campaigns to distribute a strain of malware called Agent Tesla. The infection chains leverage decoy Excel documents attached in invoice-themed messages to trick potential targets into opening them and activate the exploitation of CVE-2017-11882 (CVSS score: 7.8), a memory corruption vulnerability in Office's

By Waqas A Campbell, New York-based real estate training platform called Real Estate Wealth Network exposed a massive treasure trove of real estate records due to cloud server misconfiguration. This is a post from HackRead.com Read the original post: Data Leak Exposes 1.5 Billion Real Estate Records, Including Elon Musk, Kylie Jenner

MOKOSmart MKGW1 Gateway devices with firmware version 1.1.1 or below do not provide an adequate session management for the administrative web interface. This allows adjacent attackers with access to the management network to read and modify the configuration of the device.

TYPO3 version 11.5.24 suffers from a path traversal vulnerability.

MajorDoMo versions prior to 0662e5e suffer from an unauthenticated remote code execution vulnerability.

Red Hat Security Advisory 2023-7879-03 - An update for opensc is now available for Red Hat Enterprise Linux 9. Issues addressed include bypass and out of bounds read vulnerabilities.

Red Hat Security Advisory 2023-7876-03 - An update for opensc is now available for Red Hat Enterprise Linux 8. Issues addressed include a bypass vulnerability.

In this paper, the authors show that as new encryption algorithms and mitigations were added to SSH, the SSH Binary Packet Protocol is no longer a secure channel: SSH channel integrity (INT-PST) is broken for three widely used encryption modes. This allows prefix truncation attacks where some encrypted packets at the beginning of the SSH channel can be deleted without the client or server noticing it. They demonstrate several real-world applications of this attack. They show that they can fully break SSH extension negotiation (RFC 8308), such that an attacker can downgrade the public key algorithms for user authentication or turn off a new countermeasure against keystroke timing attacks introduced in OpenSSH 9.5. They also identified an implementation flaw in AsyncSSH that, together with prefix truncation, allows an attacker to redirect the victim's login into a shell controlled by the attacker. Related proof of concept code from their github has been added to this archive.

By Deeba Ahmed The latest Xfinity data breach is linked to the critical Citrix Bleed vulnerability. This is a post from HackRead.com Read the original post: Xfinity Rocked with Data Breach Impacting 36 Million Users

Hands-On Review: Memcyco’s Threat Intelligence Solution Website impersonation, also known as brandjacking or website spoofing, has emerged as a significant threat to online businesses. Malicious actors clone legitimate websites to trick customers, leading to financial scams and data theft causing reputation damage and financial losses for both organizations and customers. The Growing Threat of