Security News

A high-severity authentication bypass vulnerability was recently addressed in the Bouncy Castle cryptography library. Synopsys CyRC security researchers revealed this week that an authentication vulnerability they identified in the OpenBSDBcrypt class of the Java cryptography library could be abused to bypass password checks in applications relying on the library.

The NSA has published an advisory outlining how "Malicious cyber actors" are "Are manipulating trust in federated authentication environments to access protected data in the cloud." This is related to the SolarWinds hack I have previously written about, and represents one of the techniques the SVR is using once it has gained access to target networks. The actors leverage privileged access in the on-premises environment to subvert the mechanisms that the organization uses to grant access to cloud and on-premises resources and/or to compromise administrator credentials with the ability to manage cloud resources.

An advisory from the U.S. National Security Agency provides Microsoft Azure administrators guidance to detect and protect against threat actors looking to access resources in the cloud by forging authentication information. The two tactics, techniques, and procedures discussed in NSA's advisory have been in use since at least 2017 and refer to forging Security Assertion Markup Language tokens for single sign-on authentication to other service providers.

A severe authentication bypass vulnerability has been reported in Bouncy Castle, a popular open-source cryptography library. The.NET version of Bouncy Castle alone has been downloaded over 16,000,000 times, speaking to the seriousness of vulnerabilities in Bouncy Castle, a library relied on by developers of mission-critical applications.

A severe authentication bypass vulnerability has been reported in Bouncy Castle, a popular open-source cryptography library. The.NET version of Bouncy Castle alone has been downloaded over 16,000,000 times, speaking to the seriousness of vulnerabilities in Bouncy Castle, a library relied on by developers of mission-critical applications.

A severe authentication bypass vulnerability has been reported in Bouncy Castle, a popular open-source cryptography library. The.NET version of Bouncy Castle alone has been downloaded over 16,000,000 times, speaking to the seriousness of vulnerabilities in Bouncy Castle, a library relied on by developers of mission-critical applications.

Toward the end of the second incident that Volexity worked involving Dark Halo, the actor was observed accessing the e-mail account of a user via OWA. This was unexpected for a few reasons, not least of which was the targeted mailbox was protected by MFA. Logs from the Exchange server showed that the attacker provided username and password authentication like normal but were not challenged for a second factor through Duo. The logs from the Duo authentication server further showed that no attempts had been made to log into the account in question.

This week, Mattermost, in coordination with Golang has disclosed 3 critical vulnerabilities within Go language's XML parser. The XML round-trip vulnerabilities listed below lurk in Golang's XML language parser encoding/xml which doesn't return reliable results when encoding and decoding XML input.

This is a weird story of a building owner commissioning an artist to paint a mural on the side of his building - except that he wasn't actually the building's owner. The fake landlord met Hawkins in person the day after Thanksgiving, supplying the paint and half the promised fee.

Tom Merritt lists five reasons why SMS should not be used for MFA. Multi-factor authentication, or as we used to call it two-factor authentication, is essential-it means you don't rely on your password alone for security. SMS is the most frequently used additional factor because almost everybody has it, and it's a little easier to manage for developers-but it's also the least secure.