Tag: authentication

How to Prevent Helpdesk Social Engineering Attacks

Aug 7, 2025 6:11 AM

Tags: access, attack, authentication, breach, credentials, cybercrime, dark-web, data, deep-fake, defense, exploit, finance, flaw, malware, mfa, network, password, phone, psychology, ransomware, social-engineering, tactics, threat, unauthorized
Researchers uncover RCE attack chains in popular enterprise credential vaults

Aug 7, 2025 5:11 AM

Tags: access, api, attack, authentication, cloud, credentials, cve, encryption, exploit, flaw, identity, infrastructure, login, malicious, mfa, open-source, password, ransomware, rce, remote-code-execution, risk, service, software, vulnerability

From identity forgery to full RCE: An AWS instance identity typically corresponds to a hostname. But the researchers explored how this could be abused within Conjur’s resource model, which uses three parameters: Account (Conjur account name), Kind (resource type, host, user, variable, policy, etc.), and Identifier (unique resource name). These parameters are also used in…
No, Mr. Altman, Passwords Are Not Back in Vogue

Aug 7, 2025 1:12 AM

Tags: ai, authentication, ceo, intelligence, openai, password

OpenAI CEO Says AI Has Beaten Voice Recognition, But Experts Disagree OpenAI CEO Sam Altman recently claimed that artificial intelligence has fully defeated most of the ways that people authenticate currently, other than passwords. A host of security experts disagree and point out that passwords got us into this authentication mess to begin with. First…
ReVault flaws let attackers bypass Windows login or place malware implants on Dell laptops

Aug 7, 2025 12:11 AM

Tags: access, attack, authentication, cisco, credentials, cve, encryption, exploit, firmware, flaw, Hardware, login, malware, nfc, risk, service, strategy, threat, update, vulnerability, windows

Planting implants: An investigation by Cisco Talos uncovered two out-of-bounds vulnerabilities (CVE-2025-24311, CVE-2025-25050) an arbitrary free (CVE-2025-25215) and a stack-overflow flaw (CVE-2025-24922), all affecting the ControlVault firmware.The same researchers also discovered an unsafe deserialization flaw (CVE-2025-24919) affecting ControlVault’s Windows APIs. This vulnerability makes it possible to trigger arbitrary code execution on the ControlVault firmware, allowing…
Top use cases for private certificate authorities in public sector organizations

Aug 6, 2025 9:12 PM

Tags: access, authentication, automation, compliance, control, crypto, cybersecurity, governance, identity, service, zero-trust

Public sector organizations face rising cybersecurity, compliance, and operational challenges, especially in complex hybrid environments. Private certificate authorities (CAs) offer enhanced control, automation, and security tailored to internal systems and Zero Trust frameworks. Unlike public CAs, private CAs allow agencies to manage internal identities, devices, and applications while meeting strict regulatory requirements. Key use cases…
Cyber criminals would prefer businesses don’t use Okta

Aug 6, 2025 9:12 PM

Tags: authentication, cyber, okta, phishing, threat

Okta details a phishing campaign in which the threat actor demonstrated some unusually strong opinions on what authentication methods they would like their targets to use. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366628482/Cyber-criminals-would-prefer-businesses-dont-use-Okta
How Can Tutoring Platforms Protect Student and Parent Logins with Secure Authentication?

Aug 6, 2025 7:11 PM

Tags: authentication, login, mfa

Learn how tutoring platforms protect student and parent logins with secure authentication like SSO, MFA, and adaptive login systems. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/how-can-tutoring-platforms-protect-student-and-parent-logins-with-secure-authentication/
The age of infostealers is here. Is your financial service secure?

Aug 5, 2025 2:28 PM

Tags: access, ai, antivirus, authentication, awareness, breach, business, computer, credentials, cybersecurity, data, defense, detection, edr, endpoint, finance, Hardware, identity, intelligence, least-privilege, malware, mfa, monitoring, network, password, risk, service, siem, threat, tool, unauthorized, vulnerability

What financial institutions must do now: The stealthy nature of infostealers means traditional security measures are often inadequate. These programs are designed to operate in silence, avoiding detection by not disrupting performance. As a result, cybersecurity in the estate management space must evolve, not reactively, but proactively.First, organizations must implement robust endpoint detection and response…
Ransomware goes cloud native to target your backup infrastructure

Aug 5, 2025 10:28 AM

Tags: access, api, authentication, backup, cloud, container, control, credentials, cybercrime, data, defense, exploit, google, group, identity, infrastructure, least-privilege, linkedin, linux, malicious, malware, mfa, north-korea, ransomware, social-engineering, strategy, threat, vulnerability, vulnerability-management

Credential compromise and misconfiguration woes: More sophisticated threat groups have developed social engineering techniques to the point where they reliably trick targets into helping them to bypass multi-factor authentication (MFA) controls before ransacking compromised cloud-hosted environments.For example, threat actors are using compromised OAuth tokens to bypass MFA and inject malicious code into developer ecosystems via…
Proton fixes Authenticator bug leaking TOTP secrets in logs

Aug 4, 2025 9:28 PM

Tags: authentication, mfa

Proton fixed a bug in its new Authenticator app for iOS that logged users’ sensitive TOTP secrets in plaintext, potentially exposing multi-factor authentication codes if the logs were shared. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/proton-fixes-authenticator-bug-leaking-totp-secrets-in-logs/
OAuth-Apps für M365-Phishing missbraucht

Aug 4, 2025 7:28 PM

Tags: access, adobe, authentication, business, captcha, cloud, cyberattack, fido, identity, login, mail, malware, mfa, microsoft, password, phishing

Gefälschte OAuth-Apps eröffnen Angreifern neue Wege, um Microsoft-Konten zu kapern.Bedrohungsakteure haben einen neuen, smarten Weg aufgetan, Microsoft-365-Konten zu kompromittieren. Wie Proofpoint herausgefunden hat, erstellen sie dazu zunehmend gefälschte OAuth-Anwendungen, die vertrauenswürdige Brands wie SharePoint und DocuSign imitieren. Die “Originale” dieser Apps nutzen die Identity-Plattform von Microsoft (Azure AD / Entra ID), um auf Daten aus…
New Plague Linux malware stealthily maintains SSH access

Aug 4, 2025 5:28 PM

Tags: access, authentication, detection, linux, malware

A newly discovered Linux malware, which has evaded detection for over a year, allows attackers to gain persistent SSH access and bypass authentication on compromised systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-plague-malware-backdoors-linux-devices-removes-ssh-session-traces/
MCP: securing the backbone of Agentic AI

Aug 4, 2025 11:56 AM

Tags: access, ai, attack, authentication, business, ciso, control, credentials, cyber, data, detection, injection, least-privilege, mfa, monitoring, RedTeam, risk, security-incident, service, supply-chain, training

Four cornerstones for securing MCP servers: CISOs can largely rely on the proven basic principles of cyber security for MCP they just need to adapt them in a few places. Pure checklists fall short here. Instead, a clear, principles-based approach is required. Four central pillars have proven themselves in practice: Strong authentication and clean credential…
A new era of cyberthreats from sophisticated threat actors is here

Aug 4, 2025 9:29 AM

Tags: access, ai, attack, authentication, backdoor, china, cisa, cloud, communications, control, credentials, crowdstrike, data, data-breach, detection, edr, encryption, endpoint, exploit, group, identity, intelligence, Internet, kev, linux, network, password, phishing, ransomware, remote-code-execution, service, siem, social-engineering, tactics, threat, tool, update, vulnerability, vulnerability-management, windows, zero-day

Identity threats: Scattered Spider: Identity-oriented adversaries exploit human weaknesses to leverage compromised credentials obtained through social engineering and AI-based tools to gain access to networks.Voice-based phishing is one identity-based attack tool rising in prominence, having increased in use by 443% last year, according to Myers. “This is on track to double by the end of…
New Linux backdoor Plague bypasses auth via malicious PAM module

Aug 3, 2025 5:28 AM

Tags: authentication, backdoor, linux, malicious

A stealthy Linux backdoor named Plague, hidden as a malicious PAM module, allows attackers to bypass auth and maintain persistent SSH access. Nextron Systems researchers discovered a new stealthy Linux backdoor called Plague, hidden as a malicious PAM (Pluggable Authentication Module) module. It silently bypasses authentication and grants persistent SSH access. A Pluggable Authentication Module…
New ‘Plague’ PAM Backdoor Exposes Critical Linux Systems to Silent Credential Theft

Aug 2, 2025 5:28 PM

Tags: access, authentication, backdoor, credentials, cybersecurity, detection, linux, malicious, theft

Cybersecurity researchers have flagged a previously undocumented Linux backdoor dubbed Plague that has managed to evade detection for a year.”The implant is built as a malicious PAM (Pluggable Authentication Module), enabling attackers to silently bypass system authentication and gain persistent SSH access,” Nextron Systems researcher Pierre-Henri Pezier said.Pluggable Authentication Modules First seen on thehackernews.com Jump…
New Undetectable Plague Malware Targeting Linux Servers for Persistent SSH Access

Aug 2, 2025 12:28 PM

Tags: access, antivirus, authentication, backdoor, cyber, linux, malicious, malware, software

Security researchers have discovered a sophisticated Linux backdoor dubbed >>Plague
Cybercrooks faked Microsoft OAuth apps for MFA phishing

Aug 1, 2025 2:28 PM

Tags: access, authentication, business, cloud, data, detection, email, fido, malicious, mfa, microsoft, phishing, risk, software, threat, unauthorized, update

Microsoft moves to curb the threat: Thousands of malicious messages have been sent from compromised business accounts, as part of the campaign, each impersonating well-known companies. Some lures asked for benign-looking permissions such as “view your profile” and “maintain access to data you have given it access to”.Proofpoint said it reported the observed apps to…
Threat Actors Impersonate Microsoft OAuth Apps to Steal Login Credentials

Aug 1, 2025 2:28 PM

Tags: adobe, authentication, credentials, cyber, login, malicious, microsoft, phishing, theft, threat

Threat actors are leveraging sophisticated phishing campaigns by creating fake Microsoft OAuth applications to impersonate legitimate enterprises, enabling credential theft while bypassing multifactor authentication (MFA). Proofpoint researchers have tracked this activity since early 2025, identifying over 50 impersonated applications, including those mimicking RingCentral, SharePoint, Adobe, and DocuSign. These malicious OAuth apps serve as initial lures,…
Summer: Why cybersecurity must be strengthened as vacations abound

Aug 1, 2025 9:28 AM

Tags: access, ai, attack, authentication, automation, awareness, backup, control, corporate, credentials, cybersecurity, data, detection, email, encryption, exploit, infrastructure, malicious, mfa, monitoring, network, office, password, resilience, risk, theft, threat, tool, training, update, usa, vpn, wifi

Guillermo Fernandez, Sales Engineer for Southern Europe at WatchGuard Technologies. WatchGuard Technologies.Another important point is that, during the summer, attackers know that many IT and cybersecurity teams are operating with more limited resources or with staff on vacation. “They take advantage of this to launch phishing campaigns and other targeted attacks, aware that attention and vigilance often…
Microsoft 365 im Fadenkreuz: So umgehen Hacker die MFA

Aug 1, 2025 5:28 AM

Tags: authentication, hacker, mfa, microsoft, phishing

Eine neue Phishing-Welle zeigt: Selbst moderne Sicherheitsmechanismen wie die Multifaktor-Authentifizierung (MFA) bieten keinen vollständigen Schutz. Cyberkriminelle zielen gezielt auf Microsoft 365 und nutzen gefälschte Anwendungen, um Unternehmenszugänge zu kompromittieren. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/microsoft-365-mfa
How bright are AI agents? Not very, recent reports suggest

Aug 1, 2025 5:28 AM

Tags: access, ai, api, attack, authentication, awareness, business, control, data, exploit, flaw, framework, google, guide, identity, injection, lessons-learned, LLM, malicious, microsoft, sans, service, sql, tactics, technology, vulnerability, windows

CSOs should ‘skip the fluff’: Meghu’s advice to CSOs: Stop reading the marketing and betting too much of your business on AI/LLM technology as it exists today. Start small and always have a human operator to guide it.”If you skip the fluff and get to the practical application, we have a new technology that could…
Proton launches free standalone cross-platform Authenticator app

Jul 31, 2025 5:28 PM

Tags: android, authentication, linux, macOS, mfa, windows

Proton has launched Proton Authenticator, a free standalone two-factor authentication (2FA) application for Windows, macOS, Linux, Android, and iOS. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/proton-launches-free-standalone-cross-platform-authenticator-app/
CrushFTP Hit by Critical 0-Day RCE Vulnerability Full Technical Details and PoC Published

Jul 31, 2025 8:28 AM

Tags: authentication, cvss, cyber, rce, remote-code-execution, threat, vulnerability, zero-day

Security researchers have disclosed a critical zero-day vulnerability in CrushFTP, a popular file transfer server solution, that allows attackers to execute arbitrary commands on affected systems without authentication. The vulnerability, tracked as CVE-2025-54309, has been assigned a maximum CVSS score of 9.8 and poses an immediate threat to organizations running vulnerable CrushFTP installations. Authentication Bypass Leads…
Tangled in the web: Scattered Spider’s tactics changing to snare more victims

Jul 31, 2025 5:28 AM

Tags: access, attack, authentication, awareness, business, cisa, control, credentials, cybersecurity, data, defense, detection, google, group, guide, identity, marketplace, mfa, microsoft, mitigation, monitoring, network, nist, password, phishing, phone, social-engineering, software, spear-phishing, tactics, threat, tool, training, vpn

-helpdesk or a type of SSO to add credibility.In some instances, Scattered Spider members purchase employee or contractor credentials on illicit marketplaces to gain access. More commonly, they search business-to-business websites to gather information about specific individuals. Once they identify usernames, passwords, personally identifiable information (PII), and conduct SIM swapping (transferring a victim’s phone number…
Google Launches DBSC Open Beta in Chrome and Enhances Patch Transparency via Project Zero

Jul 30, 2025 12:28 PM

Tags: authentication, breach, browser, chrome, credentials, google, theft, threat, update

Google has announced that it’s making a security feature called Device Bound Session Credentials (DBSC) in open beta to ensure that users are safeguarded against session cookie theft attacks.DBSC, first introduced as a prototype in April 2024, is designed to bind authentication sessions to a device so as to prevent threat actors from using stolen…
Severe Vulnerability in AI Vibe Lets Attackers Access Private User Applications

Jul 30, 2025 11:28 AM

Tags: access, ai, authentication, control, corporate, cyber, data, data-breach, flaw, tool, unauthorized, vulnerability

A critical security vulnerability in the popular AI-powered development platform Base44 allowed unauthorized attackers to bypass authentication controls and gain access to private enterprise applications, according to a new report from Wiz Research. The flaw, which has since been patched, exposed sensitive corporate data across multiple organizations using the vibe coding platform for internal tools…
Enterprise LLMs Vulnerable to Prompt-Based Attacks Leading to Data Breaches

Jul 30, 2025 8:28 AM

Tags: access, ai, attack, authentication, breach, corporate, cyber, data, injection, LLM, malicious, vulnerability

Security researchers have discovered alarming vulnerabilities in enterprise Large Language Model (LLM) applications that could allow attackers to bypass authentication systems and access sensitive corporate data through sophisticated prompt injection techniques. The findings reveal that many organizations deploying AI-powered chatbots and automated systems may be inadvertently exposing critical information to malicious actors. The vulnerability stems…
MCP”‘Sicherheit: Das Rückgrat von Agentic AI sichern

Jul 30, 2025 7:27 AM

Tags: access, ai, api, authentication, ciso, credentials, cyberattack, cyersecurity, firewall, infrastructure, LLM, mfa, risk, tool

Im Zuge von Agentic AI sollten sich CISOs mit MCP-Sicherheit auseinandersetzen. Das Model Context Protocol (MCP) wurde erst Ende 2024 vorgestellt, dennoch sind die technologischen Folgen in vielen Architekturen bereits deutlich spürbar. Damit Entwickler nicht jede Schnittstelle mühsam von Hand programmieren müssen, stellt MCP eine einheitliche ‘Sprache” für LL-Agenten bereit. Dadurch können sie Tools, Datenbanken und SaaS”‘Dienste…
Critical Flaw in Vibe-Coding Platform Base44 Exposes Apps

Jul 29, 2025 7:27 PM

Tags: access, authentication, flaw, unauthorized

A now-patched authentication issue on the popular vibe-coding platform gave unauthorized users open access to any private application on Base44. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/critical-flaw-vibe-coding-base44-exposed-apps