Security
Headlines
HeadlinesLatestCVEs

Tag

#auth

Recorded Future: Russia's 'Undesirable' Designation Is a Compliment

The threat intelligence business, which is set to be acquired by Mastercard for billions, is officially vendor non grata in Putin's regime.

DARKReading
Open in Source
#web#intel#auth
FBI Warns of HiatusRAT Malware Targeting Webcams and DVRs

KEY SUMMARY POINTS The FBI has issued a Private Industry Notification (PIN) to highlight new malware campaigns targeting…

FBI Warns of HiatusRAT Malware Targeting Webcams and DVRs

KEY SUMMARY POINTS The FBI has issued a Private Industry Notification (PIN) to highlight new malware campaigns targeting…

Maximizing Productivity with Online Document Solutions

Many professionals juggle multiple document formats, leading to confusion and wasted time. Imagine a streamlined process that simplifies…

GHSA-hvm9-wc8j-mgrc: TShock Security Escalation Exploit

### Impact An issue with the way OTAPI manages client connections results in stale UUIDs remaining on `RemoteClient` instances after a player disconnects. Because of this, if the following conditions are met a player may assume the login state of a previously connected player: 1. The server has UUID login enabled 2. An authenticated player disconnects 3. A subsequent player connects with a modified client that does not send the `ClientUUID#68` packet during connection 4. The server assigns the same `RemoteClient` object that belonged to the originally authenticated player to the newly connected player ### Patches TShock 5.2.1 hotfixes this issue. A more robust fix will be made to OTAPI itself. ### Workarounds Implement a RemoteClient reset event handler in a plugin like so: ```csharp public override void Initialize() { On.Terraria.RemoteClient.Reset += RemoteClient_Reset; } private static void RemoteClient_Reset(On.Terraria.RemoteClient.orig_Reset orig, RemoteClient client...

Phishers Spoof Google Calendar Invites in Fast-Spreading, Global Campaign

Attackers are using links to the popular Google scheduling app to lead users to pages that steal credentials, with the ultimate goal of committing financial fraud.

Manufacturers Lose Azure Creds to HubSpot Phishing Attack

Cyberattackers used fake DocuSign links and HubSpot forms to try to solicit Azure cloud logins from hundreds of thousands of employees across Europe.

Pallet liquidation scams and how to recognize them

Pallet liquidation is an attractive playing field for online scammers. Will you receive goods or get your credit card details stolen?

GHSA-p7c9-8xx8-h74f: Apache Kafka's SCRAM implementation Incorrectly Implements Authentication Algorithm

Incorrect Implementation of Authentication Algorithm in Apache Kafka's SCRAM implementation. Issue Summary: Apache Kafka's implementation of the Salted Challenge Response Authentication Mechanism (SCRAM) did not fully adhere to the requirements of RFC 5802 [1]. Specifically, as per RFC 5802, the server must verify that the nonce sent by the client in the second message matches the nonce sent by the server in its first message. However, Kafka's SCRAM implementation did not perform this validation. Impact: This vulnerability is exploitable only when an attacker has plaintext access to the SCRAM authentication exchange. However, the usage of SCRAM over plaintext is strongly discouraged as it is considered an insecure practice [2]. Apache Kafka recommends deploying SCRAM exclusively with TLS encryption to protect SCRAM exchanges from interception [3]. Deployments using SCRAM with TLS are not affected by this issue. How to Detect If You Are Impacted: If your deployment uses SCRAM authent...

The Importance of Empowering CFOs Against Cyber Threats

Working closely with CISOs, chief financial officers can become key players in protecting their organizations' critical assets and ensuring long-term financial stability.