Security News

If you've added two-factor authentication to Bitwarden, but are wondering why it's not working on the desktop client, fear not. I've written about how to enable two factor authentication with Bitwarden, but that only applied to the web interface.

If you've added two-factor authentication to Bitwarden, but are wondering why it's not working on the desktop client, fear not. Jack Wallen shows you how to unlock this particular magic.

A new research has uncovered multiple critical reverse RDP vulnerabilities in Apache Guacamole, a popular remote desktop application used by system administrators to access and manage Windows and Linux machines remotely. The reported flaws could potentially let bad actors achieve full control over the Guacamole server, intercept, and control all other connected sessions.

The Apache Project's popular Guacamole open-source remote desktop software contained vulns allowing remote attackers to steal login creds and hijack targeted machines, researchers have said. The Apache Foundation has issued patches for Guacamole following Check Point's research, which resulted in two CVEs.

A report published on Monday by ESET discusses how attackers take advantage of RDP and what organizations can do to combat them. Though Remote Desktop Protocol can be enough of a security risk on its own, organizations often compound the vulnerabilities by failing to properly secure RDP accounts and services.

Adaptiva announced that it has partnered with UK-based IT consultancy OKTiK Technology to provide its solutions as part of OKTiK's automation platform. "OKTiK has established itself as a digital transformation specialist over the last several years, and our on-premises and cloud-enabled products are an outstanding fit for OKTiK's automation platform. Together, Adaptiva and OKTiK can drive a painless transition to modern management."

Docker has fixed a vulnerability that could have allowed an attacker to gain control of a Windows system using its service. The bug, discovered by Ceri Coburn, a researcher at security consultancy Pen Test Partners, exposed Docker for Windows to privilege elevation.

A full 70 percent of applications being used today have at least one security flaw stemming from the use of an open-source library. Most JavaScript applications contain hundreds of open-source libraries - some have more than 1,000 different libraries.

In many cases, IT staff and other employees need to remotely connect to workstations and servers at the office, and for that they typically rely on the Microsoft Remote Desktop Protocol built into Windows. In a blog post published on Thursday, McAfee explains how cybercriminals are taking advantage of RDP access and what organizations can do to protect themselves.

Kaspersky Labs is reporting a massive increase in brute force attacks against Microsoft's RDP protocol since the beginning of March, coinciding perfectly with coronavirus lockdowns and increased numbers of people working from home. Brute force attacks are decidedly blunt in their approach: Rather than try to sneak in a backdoor or bypass security, a brute force attack simply tries logging in to a system with a known username and all possible passwords.