Tag: authentication
-
CISA Warns of Active Exploitation of SonicWall SonicOS RCE Vulnerability
Tags: authentication, cisa, cyber, cybersecurity, exploit, flaw, infrastructure, kev, rce, remote-code-execution, vpn, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding the active exploitation of critical remote code execution (RCE) vulnerability in SonicWall’s SonicOS, tracked as CVE-2024-53704. Added to CISA’s Known Exploited Vulnerabilities (KEV) catalog on February 19, 2025, the flaw enables unauthenticated attackers to hijack SSL VPN sessions and bypass authentication mechanisms…
-
CISA Issues Warning on Palo Alto PAN-OS Security Flaw Under Attack
Tags: attack, authentication, cisa, cyber, cybersecurity, exploit, firewall, flaw, infrastructure, kev, network, vulnerabilityCISA and Palo Alto Networks are scrambling to contain widespread exploitation of a critical authentication bypass vulnerability (CVE-2025-0108) affecting firewall devices running unpatched PAN-OS software. The Cybersecurity and Infrastructure Security Agency (CISA) added the flaw to its Known Exploited Vulnerabilities Catalog on February 19, 2025, following a 900% surge in attack attempts over five days.…
-
CISA Adds Palo Alto Networks and SonicWall Flaws to Exploited Vulnerabilities List
Tags: authentication, cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, network, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting Palo Alto Networks PAN-OS and SonicWall SonicOS SSLVPN to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.The flaws are listed below -CVE-2025-0108 (CVSS score: 7.8) – An authentication bypass vulnerability in the Palo Alto Networks PAN-OS…
-
Cyber hygiene habits that many still ignore
Cybersecurity advice is everywhere. We’re constantly reminded to update our passwords, enable two-factor authentication, and avoid clicking suspicious links. Yet, beneath … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/02/19/cyber-hygiene-habits/
-
Customer Identity & Access Management: Die besten CIAM-Tools
Tags: access, ai, api, authentication, business, cloud, compliance, cyberattack, fido, fraud, gartner, iam, ibm, identity, infrastructure, intelligence, login, marketplace, microsoft, okta, privacy, risk, saas, service, toolWir haben die besten Lösungen in Sachen Customer Identity & Access Management für Sie zusammengestellt.Customer Identity & Access Management (CIAM) bildet eine Unterkategorie von Identity & Access Management (IAM). CIAM wird dazu eingesetzt, die Authentifizierungs- und Autorisierungsprozesse von Applikationen zu managen, die öffentlich zugänglich sind, beziehungsweise von Kunden bedient werden.Geht es darum, die für Ihr…
-
OpenSSH fixes flaws that enable manthe-middle, DoS attacks
The second vulnerability is needed for a successful attack: But how to trigger this memory error on the client in a real-world scenario. One option was to put a very long key on the fake server, but they were limited by the maximum size of the packet that is exchanged during the handshake which is…
-
Juniper Networks fixed a critical flaw in Session Smart Routers
Juniper Networks has addressed a critical vulnerability, tracked as CVE-2025-21589, impacting the Session Smart Router. Juniper Networks addressed a critical authentication bypass vulnerability, tracked as CVE-2025-21589 (CVSS score of 9.8), affecting its Session Smart Router product. >>An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router may allow a network-based…
-
Authentication credential compromise likely with Xerox VersaLink printer flaws
First seen on scworld.com Jump to article: www.scworld.com/brief/authentication-credential-compromise-likely-with-xerox-versalink-printer-flaws
-
Phishing campaign targets Microsoft device-code authentication flows
Russian state-sponsored hackers have attacked enterprises and government agencies in North America and overseas. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/phishing-campaign-targets-microsoft-device-code-authentication-flows/740201/
-
Juniper patches critical auth bypass in Session Smart routers
Juniper Networks has patched a critical vulnerability that allows attackers to bypass authentication and take over Session Smart Router (SSR) devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/juniper-patches-critical-auth-bypass-in-session-smart-routers/
-
Juniper Session Smart Routers Vulnerability Could Let Attackers Bypass Authentication
Juniper Networks has released security updates to address a critical security flaw impacting Session Smart Router, Session Smart Conductor, and WAN Assurance Router products that could be exploited to hijack control of susceptible devices.Tracked as CVE-2025-21589, the vulnerability carries a CVSS v3.1 score of 9.8 and a CVS v4 score of 9.3.”An Authentication Bypass Using…
-
CVE-2024-12511: Critical Flaws in Xerox VersaLink MFPs Could Expose Credentials
Security researchers have uncovered critical printer vulnerabilities in Xerox VersaLink C7025 Multifunction Printers (MFPs). These flaws could allow attackers to capture authentication credentials via pass-back attacks using Lightweight Directory Access Protocol (LDAP) and SMB/FTP services. Overview of the Vulnerabilities Deral… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/cve-2024-12511-xerox-versalink-printers-flaws/
-
Xerox VersaLink C7025 Multifunction printer flaws may expose Windows Active Directory credentials to attackers
Xerox VersaLink C7025 Multifunction printer flaws could allow attackers to capture authentication credentials via pass-back attacks via LDAP and SMB/FTP services. Rapid7 researchers discovered vulnerabilities in Xerox Versalink C7025 Multifunction printers (MFPs) that could allow attackers to capture authentication credentials via pass-back attacks via LDAP and SMB/FTP services. The vulnerabilities are: The vulnerabilities impact Xerox…
-
New Xerox Printer Flaws Could Let Attackers Capture Windows Active Directory Credentials
Security vulnerabilities have been disclosed in Xerox VersaLink C7025 Multifunction printers (MFPs) that could allow attackers to capture authentication credentials via pass-back attacks via Lightweight Directory Access Protocol (LDAP) and SMB/FTP services.”This pass-back style attack leverages a vulnerability that allows a malicious actor to alter the MFP’s configuration and cause the MFP First seen on…
-
Laserjet: Teils kritische Schwachstellen gefährden zahllose HP-Drucker
Angreifer können die Lücken ausnutzen, um aus der Ferne und ohne jegliche Authentifizierung oder Nutzerinteraktion Schadcode auszuführen. First seen on golem.de Jump to article: www.golem.de/news/laserjet-teils-kritische-schwachstellen-gefaehrden-zahllose-hp-drucker-2502-193438.html
-
Password managers under increasing threat as infostealers triple and adapt
Tags: access, attack, authentication, automation, breach, ceo, cloud, credentials, crypto, cyber, cybercrime, cybersecurity, dark-web, data, data-breach, defense, email, encryption, exploit, finance, hacker, identity, intelligence, least-privilege, login, malicious, malware, mfa, password, phishing, ransomware, risk, service, switch, tactics, theft, threat, tool, vulnerability, zero-trustMalware-as-a-service infostealers: For example, RedLine Stealer is specifically designed to target and steal sensitive information, including credentials stored in web browsers and other applications. It is often distributed through phishing emails or by tricking prospective marks into visiting booby-trapped websites laced with malicious downloaders.Another threat comes from Lumma stealer, offered for sale as a malware-as-a-service,…
-
Juniper Issues Warning About Critical Authentication Bypass Vulnerability
Juniper Networks has issued an urgent security bulletin for its Session Smart Router, Session Smart Conductor, and WAN Assurance Router product lines, revealing a critical API authentication bypass vulnerability (CVE-2025-21589) that enables unauthenticated attackers to gain full administrative control over devices. The flaw carries maximum severity ratings of 9.8 under CVSS v3.1 and 9.3 under…
-
Attackers Exploit Palo Alto Zero-Day Authentication Bypass
Tags: access, attack, authentication, exploit, firewall, hacker, network, software, vulnerability, zero-daySurge in Attack Attempts Spotted After Palo Alto Networks Details and Patches Flaw. Attackers have stepped up efforts to exploit a vulnerability in the software that runs Palo Alto Networks firewall appliances that could give them direct access to the underlying software. Unauthenticated hackers could use PHP scripts to bypass the PAN-OS management web interface.…
-
Xerox Printer Vulnerability Exposes Authentication Data Via LDAP and SMB
Tags: access, authentication, credentials, cyber, data, flaw, iot, malicious, network, theft, vulnerabilityA critical security vulnerability in Xerox’s Versalink C7025 Multifunction Printer (MFP) has been uncovered, exposing enterprise networks to credential theft and lateral attacks. The flaw, discovered by Rapid7 Principal IoT Researcher Deral Heiland, enables malicious actors to intercept Lightweight Directory Access Protocol (LDAP) and Server Message Block (SMB) authentication data through pass-back attacks. The vulnerabilities,…
-
Threat researchers spot ‘device code’ phishing attacks targeting Microsoft accounts
Suspected Russian nation-state threat groups have duped multiple victims into granting potentially persistent access to networks via authentication requests and valid tokens. First seen on cyberscoop.com Jump to article: cyberscoop.com/russia-threat-groups-device-code-phishing-microsoft-accounts/
-
Palo Alto Networks PAN-OS flaw risks authentication bypass
First seen on scworld.com Jump to article: www.scworld.com/news/palo-alto-networks-pan-os-flaw-risks-authentication-bypass
-
Threat actors are using legitimate Microsoft feature to compromise M365 accounts
Suspected Russian threat actors have been taking advantage of Microsoft Device Code Authentication to trick targets into granting them access to their Microsoft 365 (M365) … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/02/14/microsoft-device-code-authentication-phishing-m365-account-compromise/
-
Hackers exploit authentication bypass in Palo Alto Networks PAN-OS
Hackers are launching attacks against Palo Alto Networks PAN-OS firewalls by exploiting a recently fixed vulnerability (CVE-2025-0108) that allows bypassing authentication. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-exploit-authentication-bypass-in-palo-alto-networks-pan-os/
-
SonicWall firewall bug leveraged in attacks after PoC exploit release
Attackers are now targeting an authentication bypass vulnerability affecting SonicWall firewalls shortly after the release of proof-of-concept (PoC) exploit code. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/sonicwall-firewall-bug-leveraged-in-attacks-after-poc-exploit-release/
-
Russian Hackers Target Microsoft 365 Accounts with Device Code Phishing
Volexity highlighted how Russian nation-state actors are stealing Microsoft device authentication codes to compromise accounts First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/russian-microsoft-device-code/
-
Palo Alto Networks PAN-OS Authentication Bypass Vulnerability (CVE-2025-0108)
Overview Recently, NSFOCUS CERT detected that Palo Alto Networks issued a security announcement and fixed the identity bypass vulnerability in PAN-OS (CVE-2025-0108). Due to the problem of path processing by Nginx/Apache in PAN-OS, unauthenticated attackers can bypass authentication to access the management web interface of PAN-OS device and call some PHP scripts, thus obtaining sensitive…The…
-
Hackers Exploit Palo Alto Firewall Vulnerability Day After Disclosure
Attempts to exploit CVE-2024-0108, an authentication bypass vulnerability in Palo Alto firewalls, started one day after disclosure. The post Hackers Exploit Palo Alto Firewall Vulnerability Day After Disclosure appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/hackers-exploit-palo-alto-firewall-vulnerability-day-after-disclosure/
-
Astaroth 2FA Phishing Kit Targets Gmail, Yahoo, Office 365, and Third-Party Logins
Tags: 2fa, authentication, credentials, cyber, cybercrime, cybersecurity, login, mfa, network, office, phishing, threatA new phishing kit named Astaroth has emerged as a significant threat in the cybersecurity landscape by bypassing two-factor authentication (2FA) mechanisms. First advertised on cybercrime networks in January 2025, Astaroth employs advanced techniques such as session hijacking and real-time credential interception to compromise accounts on platforms like Gmail, Yahoo, Office 365, and other third-party…
-
Device Code Phishing Attack Exploits Authentication Flow to Hijack Tokens
Tags: attack, authentication, cyber, defense, exploit, government, intelligence, microsoft, phishing, service, threatA sophisticated phishing campaign leveraging the device code authentication flow has been identified by Microsoft Threat Intelligence, targeting a wide range of sectors, including government, NGOs, IT services, and critical industries such as defense and energy. The campaign, attributed to a threat actor known as Storm-2372, has been active since August 2024 and is assessed…