Tag: authentication
-
Key Considerations for Implementing Risk-Based Authentication
Explore key considerations for implementing risk-based authentication (RBA) to enhance security. Learn about adaptive authentication, risk assessment, integration strategies, and maintaining user experience. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/key-considerations-for-implementing-risk-based-authentication/
-
Russian-Linked APT29 Makes Another Run at Microsoft Credentials
Amazon researchers disrupted a watering hole campaign by Russian-linked cyberespionage group APT29 designed to use compromised websites to trick users into giving the threat actors access to their Microsoft accounts and data via the tech giant’s device code authentication flow. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/russian-linked-atp29-makes-another-run-at-microsoft-credentials/
-
Amazon blocks APT29 campaign targeting Microsoft device code authentication
Amazon stopped a Russia-linked APT29 watering hole attack that hijacked Microsoft device code authentication via compromised sites. Amazon announced that it had disrupted an opportunistic watering hole campaign orchestrated by the Russia-linked cyber espionage group APT29 (aka SVR group, Cozy Bear, Nobelium, BlueBravo, Midnight Blizzard, and The Dukes). Amazon experts labeled the attacks as an opportunistic watering hole campaign using compromised…
-
QNAP Flaw Allows Attackers to Bypass Authentication
QNAP Systems has released security patches to address multiple vulnerabilities affecting QVR firmware in legacy VioStor Network Video Recorder (NVR) systems. The company disclosed two significant security flaws on August 29, 2025, urging users to update their systems immediately to prevent potential security breaches. The security advisory reveals two distinct vulnerabilities that could compromise the…
-
Passwordless Authentication Explained
Explore passwordless authentication methods, benefits, and implementation strategies. Learn about biometrics, hardware tokens, and how to enhance security and user experience. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/passwordless-authentication-explained/
-
Google Warns Salesloft Drift Breach Impacts All Drift Integrations Beyond Salesforce
Google has revealed that the recent wave of attacks targeting Salesforce instances via Salesloft Drift is much broader in scope than previously thought, stating it impacts all integrations. “We now advise all Salesloft Drift customers to treat any and all authentication tokens stored in or connected to the Drift platform as potentially compromised,” Google Threat Intelligence…
-
Chinese hacking group Salt Typhoon expansion prompts multinational advisory
Tags: advisory, attack, authentication, breach, china, cisco, communications, container, corporate, country, cyber, data, exploit, firmware, flaw, government, group, hacking, infrastructure, intelligence, Internet, ivanti, malware, military, monitoring, network, password, router, service, software, technology, threat, update, vulnerability, zero-day
Ivanti, Palo Alto Networks, Cisco flaws exploited: Salt Typhoon has been active since at least 2021, targeting critical infrastructure in telecom, transportation, government, and military bodies around the globe. Notably, a “cluster of activity” has been observed in the UK, according to the country’s National Cyber Security Centre. The group has had “considerable success” with “n-days,”…
-
Frequently Asked Questions About Chinese State-Sponsored Actors Compromising Global Networks
Tags: access, advisory, attack, authentication, china, cisa, cisco, credentials, cve, cyber, cybersecurity, data, espionage, exploit, firewall, fortinet, germany, government, identity, infrastructure, injection, ivanti, kev, malicious, microsoft, military, mitigation, mitre, network, remote-code-execution, risk, software, tactics, threat, update, vulnerability, zero-day
An analysis of Tenable telemetry data shows that the vulnerabilities being exploited by Chinese state-sponsored actors remain unremediated on a considerable number of devices, posing major risk to the organizations that have yet to successfully address these flaws. Background Tenable’s Research Special Operations (RSO) team has compiled this blog to answer Frequently Asked Questions (FAQ)…
-
Amazon Disrupts APT29 Watering Hole Campaign Abusing Microsoft Device Code Authentication
Amazon on Friday said it flagged and disrupted what it described as an opportunistic watering hole campaign orchestrated by the Russia-linked APT29 actors as part of their intelligence gathering efforts. The campaign used “compromised websites to redirect visitors to malicious infrastructure designed to trick users into authorizing attacker-controlled devices through Microsoft’s device code First seen on…
-
Click Studios Patches Passwordstate Authentication Bypass Vulnerability in Emergency Access Page
Click Studios, the developer of enterprise-focused password management solution Passwordstate, said it has released security updates to address an authentication bypass vulnerability in its software. The issue, which is yet to be assigned a CVE identifier, has been addressed in Passwordstate 9.9 (Build 9972), released August 28, 2025. The Australian company said it fixed a “potential First…
-
Google Warns Salesloft OAuth Breach Extends Beyond Salesforce, Impacting All Integrations
Google has revealed that the recent wave of attacks targeting Salesforce instances via Salesloft Drift is much broader in scope than previously thought, stating it impacts all integrations. “We now advise all Salesloft Drift customers to treat any and all authentication tokens stored in or connected to the Drift platform as potentially compromised,” Google Threat Intelligence…
-
News alert: SquareX finds browser flaw undermining passkeys while exposing banking and SaaS apps
Palo Alto, Calif., Aug. 28, 2025, CyberNewswire, It is no secret that passwords are highly susceptible to phishing and brute force attacks. This led to the mass adoption of passkeys, a passwordless authentication method leveraging cryptographic key pairs that… First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/news-alert-squarex-finds-browser-flaw-undermining-passkeys-while-exposing-banking-and-saas-apps/
-
Google shares workarounds for auth failures on ChromeOS devices
Google is working to resolve authentication failures preventing users from signing into their Clever and ClassLink accounts on some ChromeOS devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/google/google-shares-chromeos-workarounds-for-clever-classlink-auth-failures/
-
Passwordstate dev urges users to patch auth bypass vulnerability
Click Studios, the company behind the Passwordstate enterprise-grade password manager, has warned customers to patch a high-severity authentication bypass vulnerability as soon as possible. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/passwordstate-dev-urges-users-to-patch-auth-bypass-vulnerability-as-soon-as-possible/
-
Breaking the Passkey Promise: SquareX Discloses Major Passkey Vulnerability at DEF CON 33
It is no secret that passwords are highly susceptible to phishing and brute force attacks. This led to the mass adoption of passkeys, a passwordless authentication method leveraging cryptographic key pairs that allows users to log in with biometrics or a hardware key. According to FIDO, over 15 billion accounts have been passkey-enabled, with 69%…
-
Kill the Password: A Developer’s Guide to Passwordless Authentication Nirvana
A comprehensive guide for developers on implementing passwordless authentication. Explore various methods, improve security, and enhance user experience. Learn to kill the password! First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/kill-the-password-a-developers-guide-to-passwordless-authentication-nirvana/
-
Critical Flaws in Base44 Exposed Sensitive Data and Allowed Account Takeovers
Our research uncovered multiple critical vulnerabilities in Base44, an AI-powered platform that lets you turn any idea into a fully functional custom app. These flaws ranged from an open redirect that leaked access tokens, to stored cross-site scripting (XSS), insecure authentication design, sensitive data leakage, and client-side-only enforcement of premium features. Together, they represented a…
-
No Authentication Required: Actively Exploited Vulnerabilities in Trend Micro's Apex One
Tags: authentication
First seen on security-insider.de Jump to article: www.security-insider.de/sicherheitsluecken-trend-micro-apex-one-patches-verfuegbar-a-3d5bece7daaaf89da962fb791240bfae/
-
Attackers exploiting NetScaler ADC and Gateway zero day flaw, Citrix warns
Tags: access, advisory, attack, authentication, backdoor, citrix, control, country, cve, cvss, cyber, cybersecurity, exploit, flaw, group, infrastructure, mitigation, rce, remote-code-execution, service, update, vulnerability, zero-day
NetScaler must be configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server. NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with IPv6 services or service groups bound with IPv6 servers, and those bound with DBS IPv6 services or…
-
Cephalus Ransomware Exploits RDP for Initial Access in Latest Attack Campaign
Tags: access, attack, authentication, credentials, cyber, cybersecurity, data-breach, endpoint, exploit, mfa, ransomware, threat
Cybersecurity researchers at Huntress identified a novel ransomware variant dubbed Cephalus, deployed in two separate incidents targeting organizations lacking robust access controls. This emerging threat, which claims its name from Greek mythology symbolizing inevitable tragedy, leverages exposed Remote Desktop Protocol (RDP) endpoints as its primary initial access vector, exploiting compromised credentials without multi-factor authentication (MFA).…
-
New Cache Deception Attack Exploits Miscommunication Between Cache and Web Server
A newly documented cache deception attack leverages mismatches in path normalization and delimiter handling between caching layers and origin servers to expose sensitive endpoints and steal authentication tokens. Researchers have demonstrated how subtle discrepancies in URL processing can trick a content delivery network (CDN) into caching protected resources, only for an attacker to retrieve them…
-
5 ways to improve cybersecurity function while spending less
Tags: advisory, ai, authentication, ceo, ciso, control, cyber, cybersecurity, firewall, governance, incident response, mfa, microsoft, middle-east, risk, scam, service, siem, skills, soc, technology, threat, tool, training, windows
2. Focus on people and processes: “Teamwork and influential leadership are pivotal in Orange County. We work side-by-side as extensions across our departments. We can’t all do everything, and we don’t want to reinvent the wheel. We shoulder the burden together, revisit existing initiatives, and reduce that tech debt,” Cheramie explains. “That’s how you do…
-
When One Hospital Gets Ransomware, Others Feel the Pain
When ransomware hits hospitals, neighbors absorb patient overflow. Key defenses include backup recovery and multifactor authentication implementation. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/hospital-gets-ransomware-others-feel-pain
-
Securden Unified PAM Flaw Allows Attackers to Bypass Authentication
Securden Unified PAM is a comprehensive privileged access management platform that is used to store, manage, and monitor credentials across human, machine, and AI identities in a variety of environments. Security researchers discovered four critical vulnerabilities in this platform during a series of ongoing red teaming operations using Rapid7’s Vector Command service. These flaws, spanning…
-
Surge in coordinated scans targets Microsoft RDP auth servers
Internet intelligence firm GreyNoise reports that it has recorded a significant spike in scanning activity consisting of nearly 1,971 IP addresses probing Microsoft Remote Desktop Web Access and RDP Web Client authentication portals in unison, suggesting a coordinated reconnaissance campaign. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/surge-in-coordinated-scans-targets-microsoft-rdp-auth-servers/
-
0-Click Zendesk Flaw Lets Hackers Hijack Accounts and View All Tickets
A critical zero-click vulnerability in Zendesk’s Android SDK has been uncovered, enabling attackers to hijack support accounts and harvest every ticket without any user interaction. Discovered during a private bug bounty program, the flaw stems from weak token generation and storage mechanisms within Zendesk’s mobile application. Vulnerability Overview Zendesk’s Android client generates authentication tokens by…
-
Multiple vtenext Flaws Allow Attackers to Bypass Authentication and Run Remote Code
Security researcher Mattia “0xbro” Brollo disclosed a trio of severe vulnerabilities in vtenext CRM (versions 25.02 and earlier) that enable unauthenticated attackers to completely bypass login controls and execute arbitrary code on affected installations. Although vtenext quietly patched one of these flaws in version 25.02.1, two equally dangerous vectors remain unaddressed, placing countless small and…

