MALWARE USING GOOGLE MULTILOGIN EXPLOIT TO MAINTAIN ACCESS DESPITE PASSWORD RESET 📗 Date: 04 Jan, 2024Source: The Hacker News Information stealing malware are actively taking advantage of an undocumented Google OAuth endpoint named MultiLogin to hijack user sessions and allow continuous access to Google services even after a password reset. According to CloudSEK, the critical […]
TERRAPIN ATTACK ALLOWS TO DOWNGRADE SSH PROTOCOL SECURITY 📗 Date: 03 Jan, 2024Source: Security Affairs Researchers discovered an SSH vulnerability, called Terrapin, that could allow an attacker to downgrade the connection’s security. Security researchers from Ruhr University Bochum (Fabian Bäumer, Marcus Brinkmann, Jörg Schwenk) discovered a vulnerability, called Terrapin (CVE-2023-48795, CVSS score 5.9), in the
ALERTS – TERRAPIN ATTACK ALLOWS TO DOWNGRADE SSH PROTOCOL SECURITY Read More »
GITHUB WARNS USERS TO ENABLE 2FA BEFORE UPCOMING DEADLINE Jan 19th, 2024 at 00:00 (UTC) 📗 Date: 27 Dec, 2023Source: Beeping Computer GitHub is warning users that they will soon have limited functionality on the site if they do not enable two-factor authentication (2FA) on their accounts. In emails sent to GitHub users on Christmas
ALERTS – GITHUB WARNS USERS TO ENABLE 2FA BEFORE UPCOMING DEADLINE Read More »
