Search cyberveille.decio.ch

Found 7 bookmarks

Custom sorting

SolarWinds Trust Center Security Advisories | CVE-2024-28987

The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to access internal functionality and modify data.

#solarwinds #EN #2024 #CVE-2024-28987 #hardcoded #credential #Advisorie #WHD #WebHelpDesk

·solarwinds.com·Aug 22, 2024

SolarWinds Trust Center Security Advisories | CVE-2024-28987

Microsoft: APT28 hackers exploit Windows flaw reported by NSA

Microsoft warns that the Russian APT28 threat group exploits a Windows Print Spooler vulnerability to escalate privileges and steal credentials and data using a previously unknown hacking tool called GooseEgg. #APT28 #Computer #Credential #Escalation #Exploit #GooseEgg #InfoSec #NSA #Print #Privilege #Security #Spooler #Theft #Windows

#bleepingcomputer #EN #2024 #NSA #Spooler #Print #Theft #Escalation #Credential #Windows #Privilege #GooseEgg #Exploit #APT28

·bleepingcomputer.com·Apr 22, 2024

Microsoft: APT28 hackers exploit Windows flaw reported by NSA

Hundreds of network operators’ credentials found circulating in Dark Web

Hundreds of compromised credentials of customers of RIPE, APNIC, AFRINIC, and LACNIC available on the dark web, Resecurity warns.

#securityaffairs #EN #2024 #darkweb #RIPE #APNIC #AFRINIC #LACNIC #credential #compromised

·securityaffairs.com·Jan 30, 2024

Hundreds of network operators’ credentials found circulating in Dark Web

23andMe data breach: Hackers stole raw genotype data, health reports

Genetic testing provider 23andMe confirmed that hackers stole health reports and raw genotype data of customers affected by a credential stuffing attack that went unnoticed for five months, from April 29 to September 27. #23andMe #Breach #Computer #Credential #DNA #Data #Genetics #Health #InfoSec #Leak #Security #Stuffing

#bleepingcomputer #EN #2024 #Stuffing #Credential #InfoSec #Data #Genetics #Leak #DNA #Breach #Security #Computer #23andMe #Health

·bleepingcomputer.com·Jan 26, 2024

23andMe data breach: Hackers stole raw genotype data, health reports

X-Force uncovers global NetScaler Gateway credential harvesting campaign

In September of 2023, X-Force uncovered a campaign where attackers were exploiting the vulnerability identified in CVE-2023-3519 to attack unpatched NetScaler Gateways to insert a malicious script into the HTML content of the authentication web page to capture user credentials. The campaign is another example of increased interest from cyber criminals in credentials. The 2023 X-Force cloud threat report found that 67% of cloud-related incident response engagements were associated with the use of stolen credentials.

#securityintelligence #EN #2023 #NetScaler #Gateway #CVE-2023-3519 #credential #harvesting #campaign

·securityintelligence.com·Oct 8, 2023

X-Force uncovers global NetScaler Gateway credential harvesting campaign

Credential Gathering From Third-Party Software

Users often store passwords in third-party software for convenience – but credential gathering techniques can target this behavior.

#unit42 #EN #2022 #passwords #Analysis #credential #gathering #techniques

·unit42.paloaltonetworks.com·Sep 19, 2022

Credential Gathering From Third-Party Software

Users often store passwords in third-party software for convenience – but credential gathering techniques can target this behavior.

#unit42 #EN #2022 #passwords #Analysis #credential #gathering #techniques

·unit42.paloaltonetworks.com·Sep 19, 2022

Credential Gathering From Third-Party Software