An ongoing outage at IT giant Ingram Micro is caused by a SafePay ransomware attack that led to the shutdown of internal systems, BleepingComputer has learned. […]
An ongoing outage at IT giant Ingram Micro is caused by a SafePay ransomware attack that led to the shutdown of internal systems, BleepingComputer has learned. […]
According to recent reports, over 19 BILLION passwords have been leaked in a massive security crisis
Technical Notice We are currently experiencing an unplanned data center outage that is impacting our off-site backup services. Our team […]
Multi-Factor Authentication is more than just a buzzword – it’s a game-changer for online security. By requiring users to provide two or more authentication factors, MFA adds an extra layer of protection against phishing attacks and cyber threats.
Update 10/8/2023 Data carrier indicated that there was a failure of one of their core routers. They have replaced it […]
LastPass revealed today that attackers stole customer vault data after breaching its cloud storage earlier this year using information stolen during an August 2022 incident.
Overview
The Heimdal Software Kerberos 5 implementation is vulnerable to a null pointer dereferance. An attacker with network access to an application that depends on the vulnerable code path can cause the application to crash.
Description
A flawed logical condition allows a malicious actor to remotely trigger a NULL pointer dereference using a crafted negTokenInit token.
Impact
An attacker can use a specially crafted network packet to cause a vulnerable application to crash.
Solution
The latest version of code in the Heimdal master branch fixes the issue. However, the current stable release 7.7.0 does not include the fix.
Acknowledgements
Thanks to the International Continence Society for reporting this issue.
This document was written by Kevin Stephens.
You may not be able to tell right away if an incoming call is spoofed. Be extremely careful about responding to any request for personal identifying information.
With the rise of a remote working population, “remote hackers” have been re-emerging as well. These remote hackers take advantage […]
This week, cryptocurrency company Wormhole lived up to its name by exposing an exploitable vulnerability that apparently allowed cybercriminals to run off with an eye-watering 120,000 Ether tokens.