New Azure AD Bug Lets Hackers Brute-Force Passwords Without Getting Caught https://ift.tt/3omH4OY Cybersecurity researchers have disclosed an unpatched security vulnerability in the protocol used by Microsoft Azure Active Directory that potential adversaries could abuse to stage undetected brute-force attacks. “This flaw allows threat actors to perform single-factor brute-force attacks against Azure Active Directory (Azure AD) […]

SANS Experts: 4 Emerging Enterprise Attack Techniques https://ift.tt/3DGqZZG In a recent report, a panel of SANS Institute experts broke down key takeaways and emerging attack techniques from this year’s RSA Security Conference. The long and short of it? This next wave of malicious methodologies isn’t on the horizon — it’s here. When it comes to […]

CVE-2021-26084: Confluence servers are under attack | Kaspersky official blog https://ift.tt/38KxlJ2 At the end of August, Atlassian, the company behind such tools as Jira, Confluence, and Hipchat, announced the release of an update to fix the CVE-2021-26084 vulnerability in its corporate wiki tool, Confluence. Since then, security experts have seen widespread searches for vulnerable Confluence […]

500,000 Fortinet VPN credentials exposed: Turn off, patch, reset passwords https://ift.tt/3nwneQX A threat actor has leaked a list of almost 500,000 Fortinet VPN credentials, stolen from 87,000 vulnerable FortiGate SSL-VPN devices. The breach list provides raw access to organizations in 74 countries, including the USA, India, Taiwan, Italy, France, and Israel, with almost 3,000 US […]

Hackers Leak VPN Account Passwords From 87,000 Fortinet FortiGate Devices https://ift.tt/3jTaEJa Network security solutions provider Fortinet confirmed that a malicious actor had unauthorizedly disclosed VPN login names and passwords associated with 87,000 FortiGate SSL-VPN devices. “These credentials were obtained from systems that remained unpatched against CVE-2018-13379 at the time of the actor’s scan. While they […]

Zoho Releases Security Update for ADSelfService Plus https://ift.tt/3yYLBbH Original release date: September 7, 2021 | Last revised: September 8, 2021 Zoho has released a security update on a vulnerability (CVE-2021-40539) affecting ManageEngine ADSelfService Plus builds 6113 and below. CVE-2021-40539 has been detected in exploits in the wild. A remote attacker could exploit this vulnerability to […]

Hold the Door: Why Organizations Need to Prioritize Patching SSL VPNs https://ift.tt/3zgUkHf Three critical SSL VPN vulnerabilities have become some of the most exploited by advanced persistent threat actors and ransomware groups. To effectively prioritize remediation efforts, defenders must understand how attackers are targeting organizations and then act on that knowledge. Vulnerabilities in SSL VPN […]

ProxyToken: An Authentication Bypass in Microsoft Exchange Server https://ift.tt/3zGkQtK Continuing with the theme of serious vulnerabilities that have recently come to light in Microsoft Exchange Server, in this article we present a new vulnerability we call ProxyToken. It was reported to the Zero Day Initiative in March 2021 by researcher Le Xuan Tuyen of VNPT […]

Microsoft Azure Cosmos DB Guidance https://ift.tt/3kxDVYN Original release date: August 27, 2021 CISA is aware of a misconfiguration vulnerability in Microsoft’s Azure Cosmos DB that may have exposed customer data. Although the misconfiguration appears to have been fixed within the Azure cloud, CISA strongly encourages Azure Cosmos DB customers to roll and regenerate their certificate […]