
Tag: Authentication bypass

Patch Now: Critical Fortinet RCE Bug Under Active Attack

As expected, cyberattackers have pounced on a critical remote code execution (RCE) vulnerability in the Fortinet Enterprise Management Server (EMS) that was patched last...

Top News

Critical Zero-Day Bug in Atlassian Confluence Under Active Exploit

A critical privilege-escalation vulnerability in Atlassian Confluence Server and Confluence Data Center has been disclosed, with evidence of exploitation in the wild as a...

China-Linked Actor Taps Linux Backdoor in Forceful Espionage Campaign

"Earth Lusca," a China-linked cyber espionage actor that's been actively targeting government organizations in Asia, Latin America, and other regions since at least 2021...

ASUS warns router customers: Patch now, or block all inbound requests

by Paul Ducklin. ASUS is a well-known maker of popular electronics products, ranging from laptops and phones to home routers...

CISA: ZK Java Framework RCE Flaw Under Active Exploit

A high-severity authentication bypass vulnerability in a widely used open source Java framework is under active exploit by threat actors, who are using the...

OT Network Security Myths Busted in a Pair of Hacks

S4x23 — Miami — As IT and operational technology (OT) network lines continue to blur in the rapidly digitalized industrial sector, new vulnerabilities and...

MagicWeb Mystery Highlights Nobelium Attacker’s Sophistication

Microsoft has tracked down a sophisticated authentication bypass for Active Directory Federated Services (AD FS), pioneered by the Russia-linked Nobelium group. The malware that allowed...

Cyberattackers Selling Access to Networks Compromised via Recent Fortinet Flaw

Fortinet customers that have not yet patched a critical authentication bypass vulnerability that the vendor disclosed in October in multiple versions of its FortiOS,...

Critical Security Bugs Uncovered in VoIPmonitor Monitoring Software

Critical security vulnerabilities have been uncovered in VoIPmonitor software that, if successfully exploited, could allow unauthenticated attackers to escalate privileges to the administrator level and execute arbitrary commands. Following responsible disclosure by researchers from Kerbit, an Ethiopia-based penetration-testing and vulnerability research firm, on December 15, 2021, the issues

100 Million Samsung Galaxy Phones Affected with Flawed Hardware Encryption Feature

A group of academics from Tel Aviv University have disclosed details of now-patched "severe" design flaws affecting about 100 million Android-based Samsung smartphones that could have resulted in the extraction of secret cryptographic keys. The shortcomings are the result of an analysis of the cryptographic design and implementation of Android's hardware-backed Keystore in Samsung's Galaxy S8,

Moxa MXview Vulnerabilities Expose Industrial Networks to Attacks

Several vulnerabilities, including some that have been rated “critical,” were found in the past months in Moxa’s MXview industrial network management software.


Apple zero-day drama for Macs, iPhones and iPads – patch now!

Sudden update! Zero-day browser hole! Drive-by malware danger! Patch Apple laptops and phones now...

Multi-Factor Authentication Bypass Led to Box Account Takeover

A vulnerability in Box's implementation of multi-factor authentication (MFA) allowed attackers to take over a victim’s account without having access to the victim’s phone, according to new research from Varonis.

