Security News

Phishers are trying to bypass Office 365 MFA via rogue apps
2020-05-19 13:12

Phishers are trying to bypass the multi-factor authentication protection on users' Office 365 accounts by tricking them into granting permissions to a rogue application. How? The aforementioned authorization code is exchanged for an access token that is presented by the rogue application to Microsoft Graph, which will authorize its access.

Bored at home? Cisco has just the thing: A shed-load of security fixes to install, from a Kerberos bypass to crashes
2020-05-07 23:13

Despite the absence of a critical remote code or command execution bug, the patches include a number of serious programming blunders, particularly in the context of the network security appliances where they were found. The Adaptive Security Appliance range - Cisco's fancy term for a firewall - is host to 11 of the bug fixes.

Salt peppered with holes? Automation tool vulnerable to auth bypass: Patch now
2020-04-30 11:35

The Salt configuration tool has patched two vulnerabilities whose combined effect was to expose Salt installations to complete control by an attacker. Salt is a tool from SaltStack which has both commercial and open source editions.

Microsoft Will Not Patch Security Bypass Flaw Abusing MSTSC
2020-04-21 12:06

A DLL side-loading vulnerability related to the Microsoft Terminal Services Client can be exploited to bypass security controls, but Microsoft says it will not be releasing a patch due to exploitation requiring elevated privileges. This allows an attacker who can replace the legitimate DLL to bypass security controls such as AppLocker, which is designed to help users control which apps and files can be run.

‘Fake Fingerprints’ Bypass Scanners with 3D Printing
2020-04-08 13:00

New research has found that it's possible to use 3D printing technology to create "Fake fingerprints" that can bypass most fingerprint scanners used by popular devices. Cisco Talos today came out with some new research regarding how these scanners can be defeated using different technologies like 3D printing, and basically looking at fingerprint scanners and the security behind them in general.

Apple’s iOS 13.4 hit by VPN bypass vulnerability
2020-03-30 13:43

Publicised by ProtonVPN, the issue is a bypass flaw caused by iOS not closing existing connections as it establishes a VPN tunnel, affecting iOS 13.3.1 as well as the latest version. A VPN app should open a private connection to a dedicated server through which all internet traffic from the device is routed before being forwarded to the website or service someone is accessing.

Apple Unpatched VPN Bypass Bug Impacts iOS 13, Warn Researchers
2020-03-27 14:43

Researchers said the Apple VPN bypass bug in iOS fails to terminate all existing connections and leaves a limited amount of data unprotected, such as a device's IP address, exposing it for a limited window of time. "Most connections are short-lived and will eventually be re-established through the VPN tunnel on their own. However, some are long-lasting and can remain open for minutes to hours outside the VPN tunnel," researchers explained in a technical analysis of the flaw.

No Patch for VPN Bypass Flaw Discovered in iOS
2020-03-26 19:55

Proton Technologies, the company behind the privacy-focused ProtonMail and ProtonVPN services, this week disclosed the existence of a vulnerability in Apple's iOS mobile operating system that prevents VPN applications from encrypting all traffic. When a VPN is used, the device's operating system should close all existing internet connections and reestablish them through a VPN tunnel to protect the user's data and privacy.

ProtonMail, ProtonVPN Will Use Alternative Routing to Bypass Censorship
2020-03-16 12:57

Over the coming weeks, a new alternative routing feature will become available across all of the ProtonMail and ProtonVPN mobile and desktop applications, the company says. "While we have largely been able to overcome censorship and attacks, it's imperative that we remain one step ahead of those who would seek to spy on people and restrict the freedom of information. Alternative routing is an additional capability which helps us ensure users can access our services," Proton says.

State-Sponsored Cyberspies Use Sophisticated Server Firewall Bypass Technique
2020-02-25 16:33

A threat actor - likely a state-sponsored cyberespionage group - has used a sophisticated technique to allow a piece of malware hosted on a server to communicate with command and control servers through a firewall. It's unclear exactly how the attackers planted the malware, but researchers believe they may have accessed the server through a dictionary attack on an exposed SSH port.