Security
Headlines
HeadlinesLatestCVEs

Tag

#auth

AS-REP Roasting

Active Directory users that have the Kerberos pre-authentication enabled and require access to a resource initiate the Kerberos authentication process by sending an Authentication Server… Continue reading → AS-REP Roasting

Pentestlab
Open in Source
#mac#windows#git#java#perl#ldap#auth#maven
8 LockBit Ransomware Gang Domains Seized in Global Operation

By Waqas All known dark web domains operated by the notorious LockBit Ransomware Gang are displaying a law enforcement seizure notice. This is a post from HackRead.com Read the original post: 8 LockBit Ransomware Gang Domains Seized in Global Operation

GHSA-9r26-5w88-qhp9: Authorization Bypass in moodle

Insufficient checks in a web service made it possible to add comments to the comments block on another user's dashboard when it was not otherwise available (e.g., on their profile page).

Russian Hackers Hit Mail Servers in Europe for Political and Military Intel

By Deeba Ahmed Email servers compromised in 80 organizations as Russian-linked TAG-70 group targets European governments. This is a post from HackRead.com Read the original post: Russian Hackers Hit Mail Servers in Europe for Political and Military Intel

Why keeping track of user accounts is important

CISA has issued an advisory after the discovery of documents containing information about a state government organization’s network environment on a dark web brokerage site.

Microsoft Windows Defender / Backdoor_JS.Relvelshe.A Detection / Mitigation Bypass

Back in 2022, the researcher released a proof of concept to bypass the Backdoor:JS/Relvelshe.A detection in Windows Defender but it no longer works as it was mitigated. However, adding a simple javascript try catch error statement and eval'ing the hex string, it executes as of the time of this post.

Microsoft Windows Defender / Trojan.Win32/Powessere.G VBScript Detection Bypass

This is additional research regarding a mitigation bypass in Windows Defender. Back in 2022, the researcher disclosed how it could be easily bypassed by passing an extra path traversal when referencing mshtml but that issue has since been mitigated. However, the researcher discovered using multiple commas can also be used to achieve the bypass. This issue was addressed. The fix was short lived as the researcher found yet another third trivial bypass. Previously, the researcher disclosed 3 bypasses using rundll32 javascript, but this example leverages the VBSCRIPT and ActiveX engines.

InstantCMS 2.16.1 Cross Site Scripting

InstantCMS version 2.16.1 suffers from a persistent cross site scripting vulnerability that appears to require administrative access.

SureMDM On-Premise CAPTCHA Bypass / User Enumeration

SureMDM On-Premise versions prior to 6.31 suffer from CAPTCHA bypass and user enumeration vulnerabilities.

1 in 5 Youth Engage in Cybercrime, NCA Finds

By Waqas One in five children aged 10-16 in the UK have engaged in online activities that violate the Computer Misuse Act, NCA has revealed. This is a post from HackRead.com Read the original post: 1 in 5 Youth Engage in Cybercrime, NCA Finds