Microsoft Security Response Center’s Post

[CVE-2024-41808: HIGH] OpenObserve's observability platform lacks input sanitization in the filter selection menu, posing a risk of account takeover. While XSS is escaped in many parts, certain areas remain vulnerable. Coupled with insecure authentication, malicious users could exploit this. No patch is currently available. https://lnkd.in/dVA94Q79

Scammers can easily phish your multi-factor authentication codes. Here’s how to avoid it

𝐀𝐓&𝐓: 𝐈𝐧𝐟𝐨 𝐅𝐫𝐨𝐦 𝟕𝟑 𝐌𝐢𝐥𝐥𝐢𝐨𝐧 𝐀𝐜𝐜𝐨𝐮𝐧𝐭𝐬 𝐇𝐢𝐣𝐚𝐜𝐤𝐞𝐝 𝐢𝐧 𝐃𝐚𝐭𝐚 𝐁𝐫𝐞𝐚𝐜𝐡 AT&T found millions of customers' data including Social Security numbers, names, email and mailing addresses, phone numbers, dates of birth, AT&T account numbers and passcodes on the dark web. The data breach may be from a vendor and is not related to the recent service outage. 𝐒𝐮𝐛𝐬𝐜𝐫𝐢𝐛𝐢𝐧𝐠 TechOwl SHIELD, 𝐰𝐡𝐢𝐜𝐡 𝐡𝐚𝐬 𝐜𝐚𝐩𝐚𝐛𝐢𝐥𝐢𝐭𝐢𝐞𝐬 𝐢𝐧 𝐝𝐚𝐫𝐤 𝐰𝐞𝐛 𝐚𝐧𝐝 𝐬𝐮𝐩𝐩𝐥𝐲 𝐜𝐡𝐚𝐢𝐧 𝐦𝐨𝐧𝐢𝐭𝐨𝐫𝐢𝐧𝐠, 𝐜𝐚𝐧 𝐩𝐫𝐨𝐯𝐢𝐝𝐞 𝐞𝐚𝐫𝐥𝐢𝐞𝐫 𝐚𝐰𝐚𝐫𝐞𝐧𝐞𝐬𝐬 𝐨𝐟 𝐭𝐡𝐫𝐞𝐚𝐭𝐬, 𝐩𝐨𝐭𝐞𝐧𝐭𝐢𝐚𝐥𝐥𝐲 𝐦𝐢𝐭𝐢𝐠𝐚𝐭𝐢𝐧𝐠 𝐭𝐡𝐞 𝐢𝐦𝐩𝐚𝐜𝐭. Bhinang Tejani | Abhishek Chaudhary | Ravi Raval | Shankhadeep Pradhan | Keval Patel | Rushik Darji | Raj Vekaria | Ravi Jogani | Mahesh Parmar | Shubhamjyoti Sahoo | Ashish Shah

Vultur Extends Its Wingspan "The authors behind Vultur, an Android banker that was first discovered in March 2021, have been spotted adding new technical features. New technical features include the ability to: Download, upload, delete, install, and find files; Control the infected device using Android Accessibility Services (sending commands to perform scrolls, swipe gestures, clicks, mute/unmute audio, and more); Prevent apps from running; Display a custom notification in the status bar; Disable Keyguard in order to bypass lock screen security measures. While the new features are mostly related to remotely interact with the victim’s device in a more flexible way, Vultur still contains the remote access functionality using AlphaVNC and ngrok that it had back in 2021. Vultur has improved upon its anti-analysis and detection evasion techniques by: Modifying legitimate apps (use of McAfee Security and Android Accessibility Suite package name); Using native code in order to decrypt payloads; Spreading malicious code over multiple payloads; Using AES encryption and Base64 encoding for its C2 communication." Like this? Subscribe to Cyberwarfare, Espionage & Extortion for more: https://buff.ly/3tXXx16

Yet another example of misconfiguration and lack of detection which exposed two-factor SMS codes to some of the largest tech giants via a public database. This article echo's the need for securing resources during the build/deployment process and to proactively detect misconfigurations. Also, for the preference with 2FA to utilize authenticator apps or physical security keys vs. SMS.

Traditional password authentication: 🔓 Vulnerable to sophisticated cyberattacks 🔓 Frustrates users FIDO2 passkeys and passwordless authentication: 🔐 More secure 🔐User friendly 🔐Scalable and interoperable OneSpan's DIGIPASS FX1 BIO – part of the FIDO2 passkey portfolio – uses fingerprint scanning to enhance security against social engineering and account takeovers. Learn more about transforming your organization's online security: https://bit.ly/3TVFzoO

Businesses also ask what is SMS OTP? An SMS OTP (one-time password) is a secure authorisation method where a numeric or alphanumeric code is sent to a mobile number. This password is an added layer of security used to verify a user's identity when logging in online or confirming an action. 👉Learn more https://lnkd.in/d49rxZJq #Javna #TheGloballyConnectedPlatform #SMS #SMSAPI #Messaging #BusinessMessaging #TechInnovation #CustomerEngagement

How to bypass multi-factor authentication? By stealing cookies! #oauth2 #multifactorauthentication

While traditional MFA options, such as one-time passwords (OTP), are a step up from password-only authentication, they’ve proven increasingly inadequate in the modern world. It’s now fairly easy for bad actors to intercept OTPs sent via email or SMS.