Cyberveillecurated by Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
page 1 / 2
32 résultats taggé Bypass  ✕
Cookie-Bite: How Your Digital Crumbs Let Threat Actors Bypass MFA and Maintain Access to Cloud Environments https://www.varonis.com/blog/cookie-bite
23/04/2025 09:39:55
QRCode
archive.org
thumbnail

Silent and undetectable initial access is the cornerstone of a cyberattack. MFA is there to stop unauthorized access, but attackers are constantly evolving.

varonis EN 2025 Technique Cookie-Bite Bypass MFA infostealer
CrushFTP Authentication Bypass - CVE-2025-2825 https://projectdiscovery.io/blog/crushftp-authentication-bypass
01/04/2025 09:49:24
QRCode
archive.org
thumbnail

Enterprise file transfer solutions are critical infrastructure for many organizations, facilitating secure data exchange between systems and users. CrushFTP, a widely used multi-protocol file transfer server, offers an extensive feature set including Amazon S3-compatible API access. However, a critical vulnerability (CVE-2025-2825) was discovered in versions 10.0.0 through 10.8.3 and 11.0.0 through 11.3.0 that allows unauthenticated attackers to bypass authentication and gain unauthorized access

projectdiscovery EN 2025 CVE-2025-2825 vulnerability CrushFTP Authentication Bypass
SAMLStorm: Critical Authentication Bypass in xml-crypto and Node.js libraries https://workos.com/blog/samlstorm
28/03/2025 12:15:54
QRCode
archive.org
thumbnail

Any service using xml-crypto or a Node.js SAML implementation using it, should update immediately to the latest version. WorkOS customers are safe and were not impacted.

workos EN 2025 Authentication Bypass xml-crypto Node.js SAMLStorm CVE-2025-29775 CVE-2025-29774
Doing the Due Diligence: Analyzing the Next.js Middleware Bypass (CVE-2025-29927) https://slcyber.io/assetnote-security-research-center/doing-the-due-diligence-analysing-the-next-js-middleware-bypass-cve-2025-29927/
24/03/2025 10:09:04
QRCode
archive.org

This critical vulnerability allowed attackers to bypass authentication implemented in the middleware layer. With the popularity of this framework on the internet and within our customers' attack surfaces, our Security Research team took a deeper look at the issue.

slcyber EN 2025 Next.js Middleware Bypass check CVE-2025-29927 middleware
Next.js and the corrupt middleware: the authorizing artifact https://zhero-web-sec.github.io/research-and-things/nextjs-and-the-corrupt-middleware
23/03/2025 13:58:47
QRCode
archive.org

Recently, Yasser Allam, known by the pseudonym inzo_, and I, decided to team up for some research. We discussed potential targets and chose to begin by focusing on Next.js (130K stars on github, currently downloaded + 9,4 million times per week), a framework I know quite well and with which I already have fond memories, as evidenced by my previous work. Therefore, the “we” throughout this paper will naturally refer to the two of us.

Next.js is a comprehensive javascript framework based on React, packed with numerous features — the perfect playground for diving into the intricacies of research. We set out, fueled by faith, curiosity, and resilience, to explore its lesser-known aspects, hunting for hidden treasures waiting to be found.

It didn’t take long before we uncovered a great discovery in the middleware. The impact is considerable, with all versions affected, and no preconditions for exploitability — as we’ll demonstrate shortly.

zhero-web-sec. EN 2025 CVE-2025-29927 Next.js exploit bypass
Critical Cisco ISE bug can let attackers run commands as root https://www.bleepingcomputer.com/news/security/critical-cisco-ise-bug-can-let-attackers-run-commands-as-root/
06/02/2025 21:07:01
QRCode
archive.org
thumbnail

Cisco has fixed two critical Identity Services Engine (ISE) vulnerabilities that can let attackers with read-only admin privileges bypass authorization and run commands as root.

bleepingcomputer EN 2025 Bypass Cisco Cisco-ISE Identity-Services-Engine RCE Remote-Command-Execution Root
Threat Response - Critical Authentication Bypass in PAN-OS Management Web Interface https://northwave-cybersecurity.com/threat-response-critical-authentication-bypass-in-pan-os-management-web-interface
28/12/2024 10:59:31
QRCode
archive.org

On 18 November 2024, Palo Alto Networks issued a security advisory for an authentication bypass vulnerability in the PAN-OS management web interface. The vulnerability is tracked under CVE-2024-0012 [1] and has a CVSS score for this is 9.3 [2]. The vulnerability allows an unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges. As the Northwave CERT has already observed mass exploitation by multiple threat actors, we urge all recipients to implement mitigation measures and patch their systems.

northwave-cybersecurity EN 2024 Critical Authentication Bypass CVE-2024-0012
Google Calendar Notifications Bypassing Email Security Policies https://blog.checkpoint.com/securing-user-and-access/google-calendar-notifications-bypassing-email-security-policies/
20/12/2024 09:23:11
QRCode
archive.org
thumbnail

Google Calendar is a tool for organizing schedules and managing time, designed to assist individuals and businesses in planning their days efficiently.

checkpoint EN 2024 Google Calendar Notifications phishing bypass
Zero-Day: How Attackers Use Corrupted Files to Bypass Detection https://any.run/cybersecurity-blog/corrupted-files-attack/
09/12/2024 12:13:02
QRCode
archive.org
thumbnail

See technical analysis of a zero-day attack that uses corrupted malicious files to bypass detection by advanced security systems.

any.run EN 2024 Corrupted Files Bypass Detection Analysis
EDR Bypass Testing Reveals Extortion Actor's Toolkit https://unit42.paloaltonetworks.com/edr-bypass-extortion-attempt-thwarted/
05/11/2024 15:54:13
QRCode
archive.org
thumbnail

A threat actor attempted to use an AV/EDR bypass tool in an extortion attempt. Instead, the tool provided Unit 42 insight into the threat actor.

paloaltonetworks EN 2024 EDR Bypass Testing Toolkit CortexXDR EDR
New Windows Driver Signature bypass allows kernel rootkit installs https://www.bleepingcomputer.com/news/security/new-windows-driver-signature-bypass-allows-kernel-rootkit-installs/
26/10/2024 19:05:48
QRCode
archive.org
thumbnail

Attackers can downgrade Windows kernel components to bypass security features such as Driver Signature Enforcement and deploy rootkits on fully patched systems.
#Attack #Bypass #Computer #Downgrade #Elevation #Escalation #InfoSec #Privilege #Privileges #Rootkit #Security #Windows #of

Privileges Computer Privilege Security Rootkit Elevation Escalation InfoSec Attack Bypass Downgrade Windows of
The PrintNightmare is not Over Yet https://itm4n.github.io/printnightmare-not-over/
09/10/2024 20:12:44
QRCode
archive.org

Following the publication of my blog post A Practical Guide to PrintNightmare in 2024, a few people brought to my attention that there was a way to bypass the Point and Print (PnP) restrictions recommended at the end. So, rather than just updating this article with a quick note, I decided to dig a little deeper, and see if I could find a better way to protect against the exploitation of PnP configurations.

itm4n EN 2024 printnightmare PnP CVE-2021-34481 bypass
Ivanti warns of three more CSA zero-days exploited in attacks https://www.bleepingcomputer.com/news/security/ivanti-warns-of-three-more-csa-zero-days-exploited-in-attacks/
08/10/2024 18:24:32
QRCode
archive.org
thumbnail

American IT software company Ivanti has released security updates to fix three new Cloud Services Appliance (CSA) zero-days tagged as actively exploited in attacks.

bleepingcomputer EN 2024 Bypass Ivanti Code Command Actively Remote Services Exploited Injection Execution Security Zero-Day CSA Cloud Appliance CVE-2024-9379 CVE-2024-9380 CVE-2024-9381
Critical Ivanti vTM auth bypass bug now exploited in attacks https://www.bleepingcomputer.com/news/security/critical-ivanti-vtm-auth-bypass-bug-now-exploited-in-attacks/
24/09/2024 21:03:03
QRCode
archive.org
thumbnail

CISA has tagged another critical Ivanti security vulnerability, which can let threat actors create rogue admin users on vulnerable Virtual Traffic Manager (vTM) appliances, as actively exploited in attacks.

bleepingcomputer EN 2024 Authentication-Bypass Bypass CISA Exploit Ivanti PoC
Critical Exim bug bypasses security filters on 1.5 million mail servers https://www.bleepingcomputer.com/news/security/critical-exim-bug-bypasses-security-filters-on-15-million-mail-servers/
13/07/2024 00:38:28
QRCode
archive.org
thumbnail

Censys warns that over 1.5 million Exim mail transfer agent (MTA) instances are unpatched against a critical vulnerability that lets threat actors bypass security filters.

bleepingcomputer EN 2024 Bypass Email Exim Mail Security-Bypass Vulnerability
Bypassing Veeam Authentication CVE-2024-29849 https://summoning.team/blog/veeam-enterprise-manager-cve-2024-29849-auth-bypass/
11/06/2024 16:31:43
QRCode
archive.org
thumbnail

Veeam Backup Enterprise Manager Authentication Bypass

summoning.team EN 2024 Veeam Backup Enterprise Manager Authentication Bypass PoC CVE-2024-29849
ConnectWise ScreenConnect: Authentication Bypass Deep Dive https://www.horizon3.ai/attack-research/red-team/connectwise-screenconnect-auth-bypass-deep-dive/
22/02/2024 08:26:47
QRCode
archive.org
thumbnail

An analysis of the recent ConnectWise ScreenConnect authentication bypass vulnerability, root cause, and indicators of compromise.

horizon3 EN 2024 ConnectWise ScreenConnect bypass vulnerability
CVE-2024-0204: Critical Authentication Bypass in Fortra GoAnywhere MFT | Rapid7 Blog https://www.rapid7.com/blog/post/2024/01/23/etr-cve-2024-0204-critical-authentication-bypass-in-fortra-goanywhere-mft/
23/01/2024 21:27:31
QRCode
archive.org
thumbnail

On 1/22/24, Fortra published a security advisory on CVE-2024-0204, a critical authentication bypass affecting its GoAnywhere MFT secure managed file transfer product prior to version 7.4.1.

rapid7 EN 2024 Critical Authentication Bypass CVE-2024-0204 Fortra GoAnywhere
How to bypass Windows Hello, log into vulnerable laptops https://www.theregister.com/2023/11/22/windows_hello_fingerprint_bypass/
23/11/2023 06:48:12
QRCode
archive.org
thumbnail

Hardware security hackers have detailed how it's possible to bypass Windows Hello's fingerprint authentication and login as someone else – if you can steal or be left alone with their vulnerable device.

The research was carried out by Blackwing Intelligence, primarily Jesse D'Aguanno and Timo Teräs, and was commissioned and sponsored by Microsoft's Offensive Research and Security Engineering group. The pair's findings were presented at the IT giant's BlueHat conference last month, and made public this week. You can watch the duo's talk below, or dive into the details in their write-up here.

theregister EN 2023 biometric fingerprint bypass Windows Hello
An Apple Malware-Flagging Tool Is ‘Trivially’ Easy to Bypass https://www.wired.com/story/apple-mac-background-task-management-flaw/
14/08/2023 07:20:04
QRCode
archive.org
thumbnail

The macOS Background Task Manager tool is supposed to spot potentially malicious software on your machine. But a researcher says it has troubling flaws.

wired EN 2023 Apple macOS Task-Manager PatrickWardle bypass
page 1 / 2
4252 links
Shaarli - The personal, minimalist, super-fast, database free, bookmarking service par la communauté Shaarli - Theme by kalvn - Curated by Decio