Windows Remote Desktop Protocol Allows Revoked Passwords; Microsoft Calls it a Feature
#Cybersecurity #Windows11 #RDP #Microsoft #SecurityFlaw #PasswordSecurity #InfoSec #CachedCredentials #WindowsSecurity #SysAdmin
BREAKING: Security flaw discovered in Erlang/OTP SSH server, but don't worry, you can't read about it because the server is too busy playing hide and seek with its own responses.
Meanwhile, the tech world collectively pretends this is the first time a server has dropped the ball.
https://nvd.nist.gov/vuln/detail/CVE-2025-32433 #ErlangSSH #SecurityFlaw #TechNews #ServerIssues #HideAndSeek #CyberSecurity #HackerNews #ngated
Noticed an unexpected 'inetpub' folder on your Windows PC? Microsoft’s latest update is creating it to tackle a serious security flaw. Curious how a routine update turned into a security mystery?
https://thedefendopsdiaries.com/understanding-the-inetpub-folder-a-security-update-mystery/
This top #WordPress plugin could be hiding a worrying #securityflaw, so be on your guard
Wow, someone discovered a security flaw! All hail the tech hero who bumbled upon a bug in software made to be unhackable.
It’s like accidentally finding a secret passage in a LEGO castle—totally intentional and absolutely deserving of a blog post with a self-indulgent menu.
https://mattsayar.com/how-i-hacked-my-companys-sso-provider/ #techhero #securityflaw #softwarebug #hackingnews #accidentaldiscovery #LEGOfinds #HackerNews #ngated
"He included a PoC that caused the ChatGPT app for macOS to send a verbatim copy of all user input and ChatGPT output to a server of his choice. All a target needed to do was instruct the LLM to view a web link that hosted a malicious image. From then on, all input and output to and from ChatGPT was sent to the attacker's website."
Cisco discloses a 10.0 CVSS rating vulnerability in SSM On-Prem
https://stackdiary.com/cisco-discloses-cve-2024-20419-for-ssm-on-prem/
IdentifyMobile incident exposed 200M records from hundreds of companies
https://stackdiary.com/identifymobile-incident-exposed-200m-records-from-hundreds-of-companies/
Linksys Velop routers send Wi-Fi passwords in plaintext to US servers
https://stackdiary.com/linksys-velop-routers-send-wi-fi-passwords-in-plaintext-to-us-servers/
Mastodon: Security flaw allows unauthorized access to posts
https://stackdiary.com/mastodon-security-flaw-allows-unauthorized-access-to-posts/
Signal under fire for storing encryption keys in plaintext
https://stackdiary.com/signal-under-fire-for-storing-encryption-keys-in-plaintext/
»#OpenAI’s #ChatGPT #Macapp was storing conversations in plain text: After the #securityflaw was spotted, OpenAI updated its desktop ChatGPT app to #encrypt the #locally stored records.« https://www.theverge.com/2024/7/3/24191636/openai-chatgpt-mac-app-conversations-plain-text?eicker.news #tech #media
Critical GitHub Enterprise Server Flaw Allows Authentication Bypass
Date: May 21, 2024
CVE: [[CVE-2024-4985]]
Vulnerability Type: Improper Authentication
CWE: [[CWE-287]]
Sources: Cyber Security News, SecurityWeek, The Hacker News
Issue Summary
A critical vulnerability in GitHub Enterprise Server, identified as CVE-2024-4985, was discovered that allows attackers to bypass authentication. This flaw, found in versions 3.9.14, 3.10.11, 3.11.9, and 3.12.3, permits unauthorized access to repositories and sensitive data by exploiting a weakness in the SAML SSO authentication process.
Technical Key Findings
The vulnerability arises from a logic error in the SAML SSO authentication process, where the server fails to verify the validity of digital signatures on SAML responses properly. Attackers can craft SAML assertions with any certificate, which the server incorrectly accepts, allowing the spoofing of user identities, including admin accounts.
Vulnerable Products
Impact Assessment
Exploitation of this vulnerability could lead to unauthorized access to private repositories, sensitive data, and administrative controls. This can result in data breaches, code tampering, and potential intellectual property theft.
Patches or Workaround
GitHub has released patched versions (3.9.15, 3.10.12, 3.11.10, and 3.12.4) to address this issue. As an interim measure, enabling SAML certificate pinning can mitigate the risk. Additionally, auditing access logs for suspicious activity and rotating credentials is advised.
Tags
#Anycubic users say their #3Dprinters were hacked to warn of a #securityflaw
This #vulnerability allegedly enables potential attackers to control any Anycubic #3Dprinter affected by this vulnerability using the company's #MQTT service #API.
The hacked_machine_readme.gcode file received by the impacted devices also asks Anycubic to open-source their 3D printers because the company's software "is lacking." The file claims 2,934,635 devices downloaded this warning.
https://techcrunch.com/2024/02/28/anycubic-users-3d-printers-hacked-warning/
#KeyTrap DoS: The DNSSEC Dilemma - A 25-Year-Old Design Flaw Exposed
In a groundbreaking discovery, researchers from the National Research Center for Applied Cybersecurity ATHENE have unveiled #KeyTrap (CVE-2023-50387), a critical flaw in DNSSEC's design that could bring the internet to its knees. With a severity rating of 7.5/10, this flaw in DNSSEC has been lurking since 1999, and affects 31% of global DNSSEC-validating DNS resolvers, risking widespread internet service disruptions. KeyTrap, an Algorithmic Complexity Attack, can overload a DNS server with a single packet, stalling major DNS providers like Google and Cloudflare for up to 16 hours. This vulnerability not only jeopardizes internet access but could also cripple essential security mechanisms like anti-spam defenses and PKI. Despite patches being rolled out, a permanent fix may necessitate a DNSSEC standard overhaul.
Tags: #CyberSecurity #DNSSEC #Vulnerability #InternetSafety #PatchNow #TechNews #InfoSecExchange #SecurityFlaw #DigitalInfrastructure
Source: ATHENE Press Portal
This is one worth sharing folks
A serious flaw in Bluetooth from versions 4.2 onwards has been discovered.
It CANNOT be fixed as it's the architectural design and is NOT a software flaw that can be patched.
It doesn't matter what device you are using, anything from 2014 onwards, using 4.2 to the latest 5.4 is vulnerable to attack and decryption of data being transferred.
Even Apple AirDrop is vulnerable as that uses Bluetooth for file transfers.
ShellTorch Attack: A Fiery Threat to PyTorch Models
The #ShellTorch attack exposes millions of #PyTorch systems to critical Remote Code Execution (RCE) vulnerabilities! Researchers from Oligo Security have unveiled a series of vulnerabilities within the PyTorch Model Server, aka TorchServe.
A series of critical vulnerabilities, known as 'ShellTorch,' has been discovered in the TorchServe AI model-serving tool, widely used by organizations such as Amazon, OpenAI, Tesla, Azure, Google, and Intel. These flaws can potentially allow unauthorized access and remote code execution on vulnerable servers. The vulnerabilities affect TorchServe versions 0.3.0 through 0.8.1.
One of the vulnerabilities stems from a misconfiguration in the management interface API, which exposes it to external requests without proper authentication, enabling malicious model uploads from external sources. Another issue is a remote server-side request forgery (SSRF) that can lead to remote code execution, as all domains are accepted by default. The third vulnerability involves Java deserialization, allowing attackers to execute remote code.
Vulnerabilities include:
Affected organizations include giants like Walmart, Amazon, OpenAI, Tesla, Azure, Google Cloud, and Intel. The vulnerabilities allow attackers to execute code remotely with high privileges, potentially affecting thousands of IP addresses globally.
Mitigation steps:
Source: HackRead, The Hacker News
Tags: #Cybersecurity #Vulnerability #AI #ML #PyTorch #ShellTorch #RCE #CyberAttack #InfoSec #SecurityFlaw #MachineLearning #Artificial
Mozilla, CISA urge users to patch Firefox security flaw
Mozilla released an advisory this week warning users of a vulnerability affecting its popular web browser and email client.
Exploitation of the bug would allow a hacker to take control of an affected system, officials at the Cybersecurity and Infrastructure Security Agency (CISA) said in their own notice.
https://therecord.media/mozilla-cisa-urge-users-to-patch-firefox-vulnerability #Mozilla #CISA #patch #Firefox #SecurityFlaw
Security researchers at #Mandiant say #China-backed #hackers are likely behind the mass-exploitation of a recently discovered #zeroday #securityflaw in #BarracudaNetworks' #email security gear, which prompted a warning to customers to remove and replace affected devices. Their goal was to spy on #government and #academic accounts https://techcrunch.com/2023/06/15/mandiant-china-hackers-barracuda-espionage-governments/
Time to hit Ye Ole "Yum Update"!
That's right! I said "Yum"!
You may want to run system updates, after a recent sudo security flaw https://www.gamingonlinux.com/2023/02/you-may-want-to-run-system-updates-after-a-recent-sudo-security-flaw/