Twitter Not Logging Users Out After Password Reset
by Artie Kaye
After a user manually changed their password, the platform was not signing them out of all active sessions. This affected Android and iOS users, not desktop access. After this came to light, Twitter took action on accounts it suspected might have been affected, logging them out across all sessions. The company has a page where you can view your active sessions and, if you need to, log them out manually (link below). If you see any sessions you do not recognize, log them out, and consider changing your password as well.
https://twitter.com/settings/sessions
https://privacy.twitter.com/en/blog/2022/an-issue-impacting-password-resets
https://www.pcmag.com/news/twitter-our-password-reset-function-failed-to-log-users-out-of-devices
Zoho ManageEngine Actively Exploited
by Artie Kaye
This is a remote code execution vulnerability, and it affects the following products:
Access Manager Plus version 4302 and below
Password Manager Pro version 12100 and below
PAM360 version 5500 and below
CISA has added this bug to its Known Exploited Vulnerabilities catalog, meaning it is actively being exploited in the wild. Update as soon as you can.
This flaw is tracked as CVE-2022-35405.
https://thehackernews.com/2022/09/cisa-warns-of-hackers-exploiting-recent.html
https://www.securityweek.com/cisa-warns-zoho-manageengine-rce-vulnerability-exploitation
Malicious Open Authorization Apps
by Artie Kaye
Open Authorization, or OAuth, is a mechanism that lets a user sign into a service or website, or grant an application access to it, using an account from a different provider; Google, Twitter, and Facebook are common examples. Microsoft researchers found that the attack started with credential stuffing, used to find an administrator account that did not have two-factor authentication enabled. With that account, the attackers approved a malicious OAuth app and granted it high privileges. They then modified the Exchange server settings to route spam through the server, giving it the air of authenticity. The goal was to scam people out of money. Enabling 2FA or MFA can help slow down or prevent credential stuffing attacks from succeeding.
https://thehackernews.com/2022/09/hackers-using-malicious-oauth-apps-to.html
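The chain described above (many failed logins, then a success without MFA on an admin account, then consent to a high-privilege OAuth app, then an Exchange configuration change) is what a defender would want to correlate in audit logs. The following is an added example, not code from the article or from Microsoft: it runs over constructed events in a simplified, hypothetical format, and the set of permissions treated as "high privilege" and the failure threshold are assumed policy choices.

```python
from collections import defaultdict

# Constructed sample events in a simplified, hypothetical format (not any
# vendor's log schema). The list is in chronological order.
EVENTS = (
    [{"user": "admin@example.test", "op": "login", "ok": False, "mfa": False}] * 6
    + [
        {"user": "admin@example.test", "op": "login", "ok": True, "mfa": False},
        {"user": "admin@example.test", "op": "app_consent",
         "app": "Mail Helper", "scopes": ["Mail.ReadWrite", "Directory.ReadWrite.All"]},
        {"user": "admin@example.test", "op": "exchange_config_change",
         "detail": "new inbound connector"},
        {"user": "alice@example.test", "op": "login", "ok": True, "mfa": True},
        {"user": "alice@example.test", "op": "app_consent",
         "app": "Calendar Widget", "scopes": ["Calendars.Read"]},
    ]
)

# Permissions treated as high privilege for an OAuth app (assumed policy list).
HIGH_PRIV = {"Mail.ReadWrite", "Directory.ReadWrite.All"}
FAIL_THRESHOLD = 5  # failed logins before a success that count as stuffing (assumed)


def find_suspicious_chains(events, fail_threshold=FAIL_THRESHOLD):
    """Walk events in order and, per user, track the stages of the chain:
    a non-MFA success after many failures, a high-privilege app consent, and
    an Exchange configuration change. Return users that hit the first two."""
    state = defaultdict(lambda: {"fails": 0, "stuffed_login": False,
                                 "high_priv_app": None, "exchange_change": False})
    for e in events:
        s = state[e["user"]]
        if e["op"] == "login":
            if not e["ok"]:
                s["fails"] += 1
                continue
            if s["fails"] >= fail_threshold and not e["mfa"]:
                s["stuffed_login"] = True
            s["fails"] = 0  # reset the failure streak on any success
        elif e["op"] == "app_consent" and HIGH_PRIV & set(e["scopes"]):
            s["high_priv_app"] = e["app"]
        elif e["op"] == "exchange_config_change":
            s["exchange_change"] = True
    return {u: dict(s) for u, s in state.items()
            if s["stuffed_login"] and s["high_priv_app"]}


if __name__ == "__main__":
    for user, finding in find_suspicious_chains(EVENTS).items():
        print(user, finding)
```

The MFA-protected user with a low-privilege consent is not flagged, which is the point of the mitigation the article recommends.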