Tag: authentication
-
Windows 11 File Explorer Vulnerability Enables NTLM Hash Theft
A newly disclosed vulnerability, CVE-2025-24071, has been identified in Windows File Explorer, specifically affecting Windows 11 (23H2) and earlier versions that support .library-ms files and the SMB protocol. This flaw enables attackers to capture NTLM (New Technology LAN Manager) authentication hashes simply by tricking a user into extracting a malicious ZIP archive; no further interaction…
-
AI Agents and APIs: Understand Complexities Today to Authenticate Tomorrow
The growth of AI agents puts the need for robust API authentication practices front and center, so today we’re highlighting two AI agent scenarios and how you could deal with their typical authentication challenges. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/ai-agents-and-apis-understand-complexities-today-to-authenticate-tomorrow/
-
Your Mobile Apps May Not Be as Secure as You Think… FireTail Blog
Tags: access, ai, android, api, authentication, banking, best-practice, cloud, control, cyber, cybersecurity, data, encryption, finance, leak, mobile, password, phone, risk, threat, vulnerability
May 28, 2025 – Lina Romero – Your Mobile Apps May Not Be as Secure as You Think… Excerpt: Cybersecurity risks are too close for comfort. Recent data from the Global Mobile Threat Report reveals that our mobile phone applications are most likely exposing our data due to insecure practices such as API key hardcoding.…
-
‘Secure email’: A losing battle CISOs must give up
End-to-end encryption remains elusive: Email continues to be the dominant electronic communication tool today because it is well understood, relatively easy to use, and relatively inexpensive. By and large, businesses have approved email for sending confidential information, and we often convince ourselves that it is secure, can be secured with third-party tools, or it’s “good…
-
Will AI agent-fueled attacks force CISOs to fast-track passwordless projects?
Tags: access, ai, api, attack, authentication, breach, business, ciso, cloud, credentials, cyber, cybersecurity, data, fido, finance, framework, google, Hardware, identity, login, metric, microsoft, okta, passkey, password, phishing, privacy, risk, risk-management, service, technology, threat, tool, update, zero-trust
Passwordless options: In retiring passwords, security leaders will need to consider their options, passkeys, biometrics, and third-party login services, looking for the best technical, usability, and security fit. There are pros and cons for each option, and in many cases CISOs may be guided towards one based on their existing environment. Passkeys, used by Microsoft, Samsung,…
-
New Russian APT group Void Blizzard targets NATO-based orgs after infiltrating Dutch police
Tags: access, api, apt, attack, authentication, blizzard, cloud, credentials, data, defense, detection, edr, email, fido, framework, group, hacker, identity, least-privilege, login, mfa, microsoft, open-source, passkey, password, phishing, qr, risk, russia, siem, spear-phishing, switch, threat, tool
Switch to spear phishing: In recent months the group seems to have pivoted from password spraying to targeted spear phishing attacks that direct users to fake Microsoft Entra login pages using adversary-in-the-middle (AitM) techniques. Such a campaign led to the compromise of 20 NGOs in April. In its campaign against NGOs, Void Blizzard sent emails masquerading…
-
Understanding the Cookie-Bite MFA Bypass Risk
The Cookie-Bite attack is an advanced evolution of Pass-the-Cookie exploits. This tactic bypasses Multi-Factor Authentication (MFA) by leveraging stolen authentication cookies, such as Azure Entra ID’s ESTSAUTH and ESTSAUTHPERSISTENT, to impersonate users. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/understanding-the-cookie-bite-mfa-bypass-risk/
-
AI, Quantum and the Evolving Threat Landscape: Key Findings from the Thales 2025 Data Threat Report
Tags: ai, api, attack, authentication, awareness, breach, cloud, compliance, computing, control, crypto, cryptography, data, encryption, guide, malicious, malware, mfa, nist, passkey, phishing, privacy, programming, ransomware, regulation, risk, software, strategy, threat, tool, vulnerability
AI, Quantum and the Evolving Threat Landscape: Key Findings from the Thales 2025 Data Threat Report – madhav – Tue, 05/27/2025 – 04:40 The Thales 2025 Data Threat Report reveals a critical inflection point in global cybersecurity. As the threat landscape grows more complex and hostile, the rapid adoption of generative AI is amplifying both opportunity and…
-
Security through unique characteristics – Biometric authentication between protection and risk
First seen on security-insider.de Jump to article: www.security-insider.de/biometrische-authentifizierung-sicherheit-nutzerfreundlichkeit-datenschutz-a-6f4a430665b690a2f41a6c293e8d3ef5/
-
Unlocking the Gates: REST API Authentication Methods for Modern Security
From Basic Auth’s simplicity to OAuth 2.0’s delegated muscle, this quick-read unpacks the strengths, gaps, and best-fit use cases of the four core REST API authentication methods, so you pick security that scales, not slows. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/unlocking-the-gates-rest-api-authentication-methods-for-modern-security/
-
Severe vBulletin Flaw Allows Remote Code Execution by Attackers
A newly discovered vulnerability in vBulletin, one of the world’s most popular commercial forum platforms, has highlighted the dangers of relying on method visibility for security. The flaw, affecting vBulletin versions 5.x and 6.x running on PHP 8.1 or later, allowed attackers to invoke protected methods remotely, without authentication, thanks to a subtle but significant…
-
OTP Authentication in 2025: How MojoAuth Stacks Up Against Twilio Verify, Auth0, Stytch Descope
One-time-password (OTP) delivery remains the work-horse of passwordless and multi-factor authentication flows. Yet the 2025 market has fractured into two… First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/otp-authentication-in-2025-how-mojoauth-stacks-up-against-twilio-verify-auth0-stytch-descope/
-
Crypto Drainers are Targeting Cryptocurrency Users
Some key recommendations for protecting crypto wallets include:
1. Enable multifactor authentication (2FA or MFA) when available on your wallets
2. Use hardware wallets or cold wallets for maximum security
3. Don’t be phished or socially engineered! Never click a questionable link, install untrusted software, or provide your private keys!
4. Avoid browser extensions! They can…
-
NETGEAR Router Flaw Allows Full Admin Access by Attackers
Tags: access, authentication, backdoor, control, cyber, exploit, firmware, flaw, router, vulnerability
A severe authentication bypass vulnerability (CVE-2025-4978) has been uncovered in NETGEAR’s DGND3700v2 wireless routers, enabling unauthenticated attackers to gain full administrative control over affected devices. The flaw, rated with a critical CVSSv4 score of 9.3, stems from a hidden backdoor mechanism in the router’s firmware and impacts versions V1.1.00.15_1.00.15NA. Security researchers warn that exploitation could…
-
Critical Vulnerabilities Found in Versa Networks SD-WAN/SASE Platform
The unpatched vulnerabilities, with a CVSS score of 8.6 to 10.0, can lead to remote code execution via authentication bypass First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/critical-zerodays-versa-networks/
-
Critical infrastructure under attack: Flaws becoming weapon of choice
Tags: access, attack, authentication, breach, china, citrix, communications, control, cve, cyber, cybersecurity, dark-web, data-breach, defense, exploit, flaw, fortinet, government, group, hacker, healthcare, ibm, identity, incident, infrastructure, intelligence, iran, kev, login, mfa, monitoring, moveIT, network, ransomware, risk, service, software, strategy, supply-chain, threat, update, vpn, vulnerability, zero-day
Trade in exploit code: IBM’s X-Force found four of the 10 most mentioned common vulnerabilities and exposures (CVEs) on the dark web were linked to sophisticated threat actor groups, including nation-state intelligence agencies. “Exploit codes for these CVEs were openly traded on numerous forums, fueling a growing market for attacks against power grids, health networks, and…
-
Russian APT28 compromised Western logistics and IT firms to track aid to Ukraine
Tags: access, advisory, api, authentication, cctv, cloud, computer, container, credentials, cve, cybersecurity, data, detection, email, exploit, flaw, government, hacker, identity, infrastructure, Internet, login, malicious, malware, mfa, military, network, ntlm, office, open-source, password, phishing, powershell, russia, service, software, threat, tool, ukraine, vulnerability
Credential guessing and spearphishing: The attackers used brute-force credential guessing techniques, also known as password spraying, to gain initial access to accounts. This was complemented with targeted phishing emails that directed recipients to fake login pages for government entities or Western cloud email providers. These phishing pages were stored on free web hosting services or…
-
How Identity Plays a Part in 5 Stages of a Cyber Attack
Tags: access, attack, authentication, breach, cloud, computer, container, control, credentials, cyber, data, data-breach, detection, endpoint, exploit, group, iam, identity, intelligence, malicious, malware, mfa, microsoft, monitoring, password, powershell, ransomware, risk, technology, threat, tool, vulnerability
While credential abuse is a primary initial access vector, identity compromise plays a key role in most stages of a cyber attack. Here’s what you need to know, and how Tenable can help. Identity compromise plays a pivotal role in how attackers move laterally through an organization. Credential abuse is the top initial access vector,…
-
Critical Zero-Days Found in Versa Networks SD-WAN/SASE Platform
The unpatched vulnerabilities, with a CVSS score of 8.6 to 10.0, can lead to remote code execution via authentication bypass First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/critical-zerodays-versa-networks/
-
Online Cyber Security: Calculating Return on Investment for SSO Implementations
Single sign-on (SSO) simplifies user access by providing one login for many applications. SSO improves online cyber security by reducing password fatigue, decreasing the attack surface of multiple credentials, and centralizing authentication administration. SSO’s benefits are evident, but implementing it takes time, money, and technical effort. Thus, ROI must be carefully assessed. Organizations may justify…
-
Samlify bug lets attackers bypass single sign-on
SAML authenticators should update to patched versions: The flaw has been addressed through patches in samlify versions 2.10.0 and later. Researchers have recommended that systems using SAML authentication must update to a fixed version and ensure “secure SSO flows: implement HTTPS and avoid untrusted sources for SAML flows.” SAML-powered SSO supports a range of use cases: enterprise…
-
Modern authentication: Why OIDC and SAML are just the start
Tags: authentication
You modernized your apps. Switched to OIDC. Added SAML. Then called it a day. But here’s the uncomfortable truth: modern authentication protocols alone aren’t enough for modern security. When people talk about “modernizing” authentication, they usually mean adding support for protocols like OIDC or SAML. That’s a step in the right direction, without a doubt…
-
Unpatched critical bugs in Versa Concerto lead to auth bypass, RCE
Critical vulnerabilities in Versa Concerto that are still unpatched could allow remote attackers to bypass authentication and execute arbitrary code on affected systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/unpatched-critical-bugs-in-versa-concerto-lead-to-auth-bypass-rce/
-
Versa Concerto 0-Day Flaw Enables Remote Code Execution by Bypassing Authentication
Tags: authentication, cyber, flaw, government, network, remote-code-execution, risk, service, vulnerability, zero-day
Security researchers have uncovered multiple critical vulnerabilities in Versa Concerto, a widely deployed network security and SD-WAN orchestration platform used by large enterprises, service providers, and government entities. Despite responsible disclosure efforts over a 90-day period, these vulnerabilities remain unpatched, creating significant risk for organizations using this platform. The issues include authentication bypass flaws, arbitrary…
-
Critical Samlify SSO flaw lets attackers log in as admin
A critical Samlify authentication bypass vulnerability has been discovered that allows attackers to impersonate admin users by injecting unsigned malicious assertions into legitimately signed SAML responses. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/critical-samlify-sso-flaw-lets-attackers-log-in-as-admin/
-
BadSuccessor: Unpatched Microsoft Active Directory attack enables domain takeover
Tags: access, attack, authentication, computer, container, control, credentials, group, microsoft, network, password, powershell, service, update
msDS-DelegatedMSAState, which indicates whether the migration process is unknown, in progress, or completed; msDS-ManagedAccountPrecededByLink, which indicates the superseded account; and msDS-GroupMSAMembership, which indicates which principals (users, groups, and computers) can authenticate as the account. Once migration to a dMSA account is complete, any machine that authenticates as the superseded service account will receive from Domain Controller…