Critical RCE Threat from Hard-Coded ‘b’ Password in Sitecore XP Exposes Enterprises

June 17, 2025
Vulnerability / Enterprise Software

Cybersecurity experts have identified three significant vulnerabilities in the widely used Sitecore Experience Platform (XP) that, when chained, could be exploited to achieve pre-authenticated remote code execution (RCE). Sitecore XP is an enterprise software solution that offers tools for content management, digital marketing, and analytics.

The vulnerabilities are as follows:

  • CVE-2025-34509 (CVSS score: 8.2) – Use of hard-coded credentials
  • CVE-2025-34510 (CVSS score: 8.8) – Post-authenticated RCE via path traversal
  • CVE-2025-34511 (CVSS score: 8.8) – Post-authenticated RCE via Sitecore PowerShell Extension

Researcher Piotr Bazydlo from watchTowr Labs pointed out that the default user account “sitecore\ServicesAPI” has a hard-coded single-character password set to “b”. Notably, Sitecore’s documentation advises against altering default credentials. Although the user account lacks roles and permissions, the vulnerabilities still pose a serious risk.

Critical Security Flaws Discovered in Sitecore XP Could Lead to Remote Code Execution Risks On June 17, 2025, cybersecurity researchers revealed several significant vulnerabilities in the widely-used Sitecore Experience Platform (XP), posing a grave risk of remote code execution (RCE)…

Why the U.S. Requires New Strategies to Combat Scams

Finance & Banking, Fraud Management & Cybercrime, Fraud Risk Management
Regulatory Actions Required to Combat Payment Scams, Says Fraud Expert Trace Fooshee
By Suparna Goswami (gsuparna) • August 18, 2025
Trace Fooshee, Strategic Advisor, Datos Insights
In contrast to the…

RVTools Official Site Compromised to Distribute Bumblebee Malware via Trojan Installer

May 19, 2025
Malware / Supply Chain Attack

The official RVTools website has been compromised, delivering a tainted installer for the widely used VMware environment reporting tool. In a statement on their site, the company announced, “Robware.net and RVTools.com are currently offline. We are working diligently to restore service and appreciate your patience. Please note that Robware.net and RVTools.com are the only authorized and supported sources for RVTools software. Avoid downloading RVTools from any other websites or sources.” This incident follows revelations from security researcher Aidan Leon, who discovered that the infected installer was being used to load a malicious DLL, identified as the Bumblebee malware loader. It remains unclear how long the compromised version of RVTools was available for download or how many users had installed it before the websites were taken offline. In the meantime, users are advised to verify…

RVTools Official Website Compromised, Distributing Bumblebee Malware Through Trojan Installer On May 19, 2025, the official website for RVTools, a well-known utility for reporting within VMware environments, was breached, leading to the distribution of a compromised installer. This attack is…

Cisco Addresses Critical Firewall Vulnerability with Patch

Identity & Access Management, Network Firewalls, Network Access Control, Security Operations
Cisco Secure Firewall Management Centers Exposed to Critical Vulnerability
Pooja Tikekar (@PoojaTikekar) • August 18, 2025
Cisco has alerted its firewall customers to implement urgent patches…

Navigating the Overwhelmed Landscape: Insights from the 2025 Pentesting Report

In the recently published 2025 State of Pentesting Report, Pentera conducted a survey of 500 CISOs from global enterprises (200 based in the USA) to delve into their strategies, tactics, and tools for managing the flood of security alerts, persistent breaches, and escalating cyber risks. The results paint a nuanced picture of progress, obstacles, and evolving mindsets regarding security testing in enterprises.

Increased Tools, Enhanced Data, Yet Uncertain Protection

Over the past year, 45% of enterprises have broadened their security technology portfolios, with organizations now utilizing an average of 75 distinct security solutions. However, despite these additional layers of defense, 67% of U.S. enterprises faced a breach within the last 24 months. The proliferation of security tools significantly impacts day-to-day operations and the overall cyber resilience of organizations. The findings underscore a crucial observation: more security tools do not necessarily equate to better protection.

The Jam-Packed Arena: Key Takeaways from the 2025 State of Pentesting Report Published May 20, 2025 In the recently unveiled 2025 State of Pentesting Report, Pentera conducted a comprehensive survey involving 500 Chief Information Security Officers (CISOs) from enterprises worldwide,…

Are Neglected AD Service Accounts Putting Your Organization at Risk?

Date: June 17, 2025
Category: Password Security / Active Directory

In many organizations, Active Directory (AD) service accounts are often overlooked, quietly lingering long after their intended use has faded. These orphaned accounts—typically created for legacy applications, automated tasks, or testing—often remain active with non-expiring or outdated passwords. It’s no surprise that these service accounts frequently escape the routine scrutiny of security teams. Burdened by daily challenges and accumulated technical debt, security personnel often neglect these accounts, which are disconnected from individual users and seldom reviewed. Unfortunately, this lack of attention makes them prime targets for attackers looking to infiltrate networks undetected. If left unmonitored, these forgotten service accounts can become silent gateways for security breaches and lateral movement within enterprise environments. In this article, we’ll delve into the dangers posed by neglected AD service accounts…

Are Forgotten AD Service Accounts Exposing Your Organization to Threats? In today’s cybersecurity landscape, the often-overlooked Active Directory (AD) service accounts pose significant risks to organizations. These accounts, created for purposes such as legacy applications, automation scripts, and testing environments,…