Security News

cPanel 2FA bypass vulnerability can be exploited through brute force
2020-11-25 10:55

A two-factor authentication bypass vulnerability affecting the popular cPanel & WHM software suite may allow attackers to access secured accounts, Digital Defense researchers have found. Still, admins of sites that are managed through cPanel should check whether their provider did perform the update.

2-Factor Authentication Bypass Flaw Reported in cPanel and WHM Software
2020-11-24 23:14

cPanel, a provider of popular administrative tools to manage web hosting, has patched a security vulnerability that could have allowed remote attackers with access to valid credentials to bypass two-factor authentication protection on an account. cPanel and WHM offers a Linux-based control panel for users to handle website and server management, including tasks such as adding sub-domains and performing system and control panel maintenance.

Google Services Weaponized to Bypass Security in Phishing, BEC Campaigns
2020-11-20 20:56

Attackers exploiting an array of Google Services, including Forms, Firebase, Docs and more to boost phishing and BEC campaigns. Armorblox co-founder and head of engineering Arjun Sambamoorthy just published a report detailing how now-ubiquitous services like Google Forms, Google Docs and others are being used by malicious actors to give their spoofing attempts a false veneer of legitimacy, both to security filters and victims.

Apple Lets Some of its Big Sur macOS Apps Bypass Firewall and VPNs
2020-11-18 01:14

Apple is facing the heat for a new feature in macOS Big Sur that allows many of its own apps to bypass firewalls and VPNs, thereby potentially allowing malware to exploit the same shortcoming to access sensitive data stored on users' systems and transmit them to remote servers. "Some Apple apps bypass some network extensions and VPN Apps," Maxwell tweeted.

Some Apple Apps on macOS Big Sur Bypass Content Filters, VPNs
2020-11-17 13:23

Security researchers are blasting Apple for a feature in the latest Big Sur release of macOS that allows some Apple apps to bypass content filters and VPNs. They say it is a liability that can be exploited by threat actors to bypass firewalls and give them access to people's systems and expose their sensitive data. Despite concerns and questions among security professionals, Apple released Big Sur to the public on Nov. 12.

Apple's privacy pledges: We sent dev checks over plain HTTP, logged IP addresses. We bypass firewall apps
2020-11-17 07:51

Now Apple has stressed that this app security check does not send anyone's Apple IDs nor device identifiers over the 'net, though it did log people's public IP addresses. "To further protect privacy, we have stopped logging IP addresses associated with Developer ID certificate checks, and we will ensure that any collected IP addresses are removed from logs," Apple said.

New Slipstream NAT bypass attacks to be blocked by browsers
2020-11-09 16:09

Web browser vendors are planning to block a new attack technique that would allow attackers to bypass a victim's NAT, firewall, or router to gain access to any TCP/UDP service hosted on their devices. To expose hosted services, the attack abuses certain NAT devices scanning port 5060 to create port forwarding rules when detecting maliciously-crafted HTTP requests camouflaged as valid SIP requests.

GitHub threatens to ban users who bypass YouTube-dl takedown
2020-11-02 11:27

GitHub has issued a warning that accounts could be banned if they continue to upload content that was removed due to DMCA takedown notices. On October 23rd, 2020, GitHub removed the source code repositories for the popular video download tool called YouTube-dl after the Recording Industry Association of America, Inc. filed a DMCA infringement notice.

New NAT/Firewall Bypass Attack Lets Hackers Access Any TCP/UDP Service
2020-11-02 04:39

"NAT Slipstreaming exploits the user's browser in conjunction with the Application Level Gateway connection tracking mechanism built into NATs, routers, and firewalls by chaining internal IP extraction via timing attack or WebRTC, automated remote MTU and IP fragmentation discovery, TCP packet size massaging, TURN authentication misuse, precise packet boundary control, and protocol confusion through browser abuse," Kamkar said in an analysis. NAT Slipstreaming works by taking advantage of TCP and IP packet segmentation to remotely adjust the packet boundaries and using it to create a TCP/UDP packet starting with a SIP method such as REGISTER or INVITE. SIP is a communications protocol used for initiating, maintaining, and terminating real-time multimedia sessions for voice, video, and messaging applications.

‘Copyright Violation’ Notices Lead to Facebook 2FA Bypass
2020-10-28 20:13

Scammers have hatched a new way to attempt to bypass two-factor authentication protections on Facebook. The first step in the "Appeal?" The victim is asked to submit a username, password and 2FA code from their mobile device, according to Sophos researcher Paul Ducklin, allowing fraudsters bypass 2FA. 2FA is an added layer of protection on top of a username and password that usually involves sending a unique code to a mobile device, which must be entered to access a platform.