Security News

Bypassing Two-Factor Authentication
2022-04-01 11:12

Some forms of MFA are stronger than others, and recent events show that these weaker forms aren't much of a hurdle for some hackers to clear. Sending a bunch of MFA requests and hoping the target finally accepts one to make the noise stop.

Bypassing Apple’s AirTag Security
2022-02-23 12:28

A Berlin-based company has developed an AirTag clone that bypasses Apple's anti-stalker security systems. Source code for these AirTag clones is available online.

Highly Evasive Adaptive Threats (HEAT) bypassing traditional security defenses
2022-02-08 05:30

Menlo Security announced it has identified a surge in cyberthreats, termed Highly Evasive Adaptive Threats, that bypass traditional security defenses. HEAT attacks are a class of cyber threats targeting web browsers as the attack vector and employs techniques to evade detection by multiple layers in current security stacks including firewalls, Secure Web Gateways, sandbox analysis, URL Reputation, and phishing detection.

Week in review: Samba vulnerability, phishing kits bypassing MFA, Patch Tuesday forecast
2022-02-06 09:00

February 2022 Patch Tuesday forecast: A rough start for 2022January 2022 Patch Tuesday was a rough one for Microsoft - and us. Samba bug may allow code execution as root on Linux machines, NAS devicesA critical vulnerability in Samba, a widely used open source implementation of the Server Message Block networking protocol, could allow attackers to execute arbitrary code as root on affected Samba installations.

Malicious COVID-19 online content bypassing moderation efforts of social media platforms
2021-06-18 04:00

Malicious COVID-19 online content - including racist content, disinformation and misinformation - thrives and spreads online by bypassing the moderation efforts of individual social media platforms. By mapping online hate clusters across six major social media platforms, researchers at the George Washington University show how malicious content exploits pathways between platforms, highlighting the need for social media companies to rethink and adjust their content moderation policies.

Microsoft: Ongoing, Expanding Campaign Bypassing Phishing Protections
2021-03-24 17:12

A phishing email campaign detailed earlier this month is expanding with the use of additional email services to hide malicious intent, according to a warning from software giant Microsoft. At the time, the researchers revealed that the adversary behind the campaign was leveraging trusted domains to ensure that phishing emails successfully bypass email protections.

Microsoft warns of phishing attacks bypassing email gateways
2021-03-23 17:40

An ongoing phishing operation that stole an estimated 400,000 OWA and Office 365 credentials since December has now expanded to abuse new legitimate services to bypass secure email gateways. The attacks are part of multiple phishing campaigns collectively dubbed the "Compact" Campaign, active since early 2020 first detected by the WMC Global Threat Intelligence Team.

Cloud Attacks Are Bypassing MFA, Feds Warn
2021-01-14 16:45

The Feds are warning that cybercriminals are bypassing multi-factor authentication and successfully attacking cloud services at various U.S. organizations. "These types of attacks frequently occurred when victim organizations' employees worked remotely and used a mixture of corporate laptops and personal devices to access their respective cloud services," the alert outlined.

SolarWinds hackers’ capabilities include bypassing MFA
2020-12-16 13:20

As the list of known organizations compromised by way of the SolarWinds supply chain attack is slowly growing - according to Reuters, the attackers also breached U.S. Department of Homeland Security's systems, the State Department, and the National Institutes of Health - Microsoft has decided that its Defender Antivirus will start blocking/quarantining the known malicious SolarWinds binaries today - even if the process is running. As security researcher Vinoth Kumar pointed out, the attackers might have easily compromised the company's update server by using a password that was published on their public Github repository for over a year or, as several Reuters sources noted, they might have bought access to SolarWinds' computers through underground forums.

New Attacks Allow Bypassing EMV Card PIN Verification
2020-08-28 15:04

Researchers with ETH Zurich have identified vulnerabilities in the implementation of the payment card EMV standard that allow for the mounting of attacks targeting both the cardholder and the merchant. In a newly published paper, David Basin, Ralf Sasse, and Jorge Toro-Pozo from the department of computer science at ETH Zurich, explain that vulnerabilities identified in the standard EMV implementation could be exploited to render the PIN verification useless on Visa contactless transactions.