Security News

Cisco informed customers on Wednesday that it has patched a critical default credentials vulnerability affecting some configurations of its ENCS 5400-W series and CSP 5000-W series appliances. The Cisco Cloud Services Platform for WAAS is a hardware platform designed for the deployment of datacenter network function virtualization, and the Cisco Enterprise Network Compute System is a hybrid platform for branch deployment and for hosting WAAS applications.

Cado Security has identified a crypto-mining worm that attempts to steal Amazon Web Services credentials belonging to the organizations whose systems it has infected. The TeamTNT worm can also scan for open Docker APIs, execute Docker images and install itself.

Auth0 launched Bot Detection, a new security feature that reduces the effectiveness of a credential stuffing attack by as much as 85%, with minimal impact on user experience. Bot Detection is a powerful addition to the company's expanding security portfolio, and works in tandem with Auth0 Breached Password Detection, Brute Force Protection, and Multi-factor Authentication, to provide extensive mitigation against a variety of sophisticated threats, including automated attacks, account takeovers, phishing attacks, and more.

Auth0 claims it can reduce the effectiveness of attacks using them by 85% with its new bot detection tool. Access control provider Auth0 has released a new set of tools that it said can reduce the effectiveness of credential stuffing attacks by 85%. The new features are lumped together in what Auth0 calls Bot Detection, and all are designed to reduce the chance that a credential stuffing attack is successful.

A malicious cryptocurrency miner and DDoS worm that has been targeting Docker systems for months now also steals Amazon Web Services credentials. The worm still scans for open Docker APIs, then spins up Docker images and install itself in a new container, but it now also searches for exploitable Kubernetes systems and files containing AWS credentials and configuration details - just in case the compromised systems run on the AWS infrastructure.

The Michigan institution announced its plan on July 28, which calls for testing coordinated by Testing Centers of America and the use of a health monitoring app called Aura Sequential Testing. "All students will utilize Aura, an app developed by Nucleus Healthcare, that organizes the College's COVID-19 testing and public health approach," Albion said in a statement.

Spotted by security firm Nuspire, one campaign that has resurfaced lately grabs RDP credentials or access and then sells them on underground forums. Active on several underground forums and communities, TrueFighter specializes in the sale of compromised RDP accounts through which buyers gain remote administrative access to the networks of affected organizations.

JumpCloud announced the release of the JumpCloud App for Windows, the latest update to its patent-pending strategy for enabling secure credential and identity management from an employee's device. The JumpCloud Windows App streamlines credential management workflows and establishes the employee's workstation or laptop as a trusted device.

Network appliances and devices that still have their default credentials present a risk to your organization, says SecurityHQ. Think of all the routers, switches, appliances, and other devices that may be available and accessible on your network. In its blog post entitled "Notes from the Field. Don't Default on Password Security," SecurityHQ described the trap of default credentials.

By hosting phishing pages at a legitimate cloud service, cybercriminals try to avoid arousing suspicion, says Check Point Research. The idea is that such phishing pages will better elude detection by security products and more easily ensnare unsuspecting victims.