The Hacker News

Where Multi-Factor Authentication Stops and Credential Abuse Starts

Seven Windows authentication paths bypass MFA protections, enabling credential attacks through AD, NTLM, Kerberos, RDP, SMB, and service accounts.
Bleeping Computer

Hackers target new MOVEit Transfer critical auth bypass bug

Threat actors are already trying to exploit a critical authentication bypass flaw in Progress MOVEit Transfer, less than a day after the vendor disclosed it. MOVEit Transfer is a managed file transfer ...
Bleeping Computer

Exploit released for Fortra GoAnywhere MFT auth bypass bug

Exploit code is now available for a critical authentication bypass vulnerability in Fortra's GoAnywhere MFT (Managed File Transfer) software that allows attackers to create new admin users on ...