Security
Headlines
HeadlinesLatestCVEs

Tag

#auth

120K Victims Compromised in Memorial Hospital Ransomware Attack

After claiming responsibility for the ransomware attack in 2024, the "Embargo" ransomware group posted 1.15 terabytes of stolen data to its public Tor site.

DARKReading
Open in Source
#auth
GHSA-qv5f-57gw-vx3h: Authorization Bypass in OPC UA .NET Standard Stack

Vulnerability in the OPC UA .NET Standard Stack before 1.5.374.158 allows an unauthorized attacker to bypass application authentication when the deprecated Basic128Rsa15 security policy is enabled.

GHSA-7wwr-h8cm-9jf7: Authentication Bypass by Spoofing in OPC UA .NET Standard Stack

Vulnerability in the OPC UA .NET Standard Stack before 1.5.374.158 allows an unauthorized attacker to bypass application authentication when using HTTPS endpoints.

Newspaper Giant Lee Enterprises Reels From Cyberattack

The newspaper company expects the investigation to take some time, but said in an SEC filing that it has not yet identified any material impact.

4 Arrested as Police Dismantle 8Base Ransomware, Seize Dark Web Sites

In a coordinated international security operation, authorities have seized four dark web sites linked to the 8Base ransomware group and arrested four suspects.

GHSA-7wj8-856p-qc9m: Stored XSS in REDAXO

### Summary Stored XSS in REDAXO 5.18.1 - Article / "content/edit". ### Details On the latest version of Redaxo, v5.18.1, the article name field is susceptible to stored XSS. ### Impact A malicious actor can easily steal cookie using this stored XSS and perform a session hijacking attack.

GHSA-76p7-773f-r4q5: Cross-site Scripting (XSS) in serialize-javascript

A flaw was found in npm-serialize-javascript. The vulnerability occurs because the serialize-javascript module does not properly sanitize certain inputs, such as regex or other JavaScript object types, allowing an attacker to inject malicious code. This code could be executed when deserialized by a web browser, causing Cross-site scripting (XSS) attacks. This issue is critical in environments where serialized data is sent to web clients, potentially compromising the security of the website or web application using this package.

GHSA-37wc-h8xc-5hc4: Hickory DNS's DNSSEC validation may accept broken authentication chains

### Summary The DNSSEC validation routines treat entire RRsets of DNSKEY records as trusted once they have established trust in only one of the DNSKEYs. As a result, if a zone includes a DNSKEY with a public key that matches a configured trust anchor, all keys in that zone will be trusted to authenticate other records in the zone. There is a second variant of this vulnerability involving DS records, where an authenticated DS record covering one DNSKEY leads to trust in signatures made by an unrelated DNSKEY in the same zone. ### Details `verify_dnskey_rrset()` will return `Ok(true)` if any record's public key matches a trust anchor. This results in `verify_rrset()` returning a `Secure` proof. This ultimately results in successfully verifying a response containing DNSKEY records. `verify_default_rrset()` looks up DNSKEY records by calling `handle.lookup()`, which takes the above code path. There's a comment following this that says "DNSKEYs were already validated by the inner query in ...

Magecart Attackers Abuse Google Ad Tool to Steal Data

Attackers are smuggling payment card-skimming malicious code into checkout pages on Magento-based e-commerce sites by abusing the Google Tag Manager ad tool.