#2fa-bypass

[ follow ]
#cve-2020-12812 #ldap #zerodayrat #mobile-spyware #real-time-surveillance #fortios #ssl-vpn #fortios-ssl-vpn
Information security
fromThe Hacker News
2 weeks ago

New ZeroDayRAT Mobile Spyware Enables Real-Time Surveillance and Data Theft

ZeroDayRAT is a commercial mobile spyware platform enabling real-time surveillance, data exfiltration, and financial theft on Android and iOS via a seller-provided builder and control panel.
Information security
fromTechzine Global
2 months ago

Attackers exploit five-year-old Fortinet vulnerability

A critical FortiOS SSL VPN flaw (CVE-2020-12812) allows 2FA bypass via username changes; patches have existed since 2020 but many systems remain unpatched.
Information security
fromThe Hacker News
2 months ago

Fortinet Warns of Active Exploitation of FortiOS SSL VPN 2FA Bypass Vulnerability

CVE-2020-12812 allows LDAP users with 2FA on FortiGate SSL VPN to bypass second-factor authentication when username case mismatches under specific configurations.
Information security
fromThe Hacker News
5 months ago

Watch Out for Salty2FA: New Phishing Kit Targeting US and EU Enterprises

Salty2FA is a PhaaS phishing kit that bypasses push, SMS, and voice 2FA to intercept credentials and codes, enabling high-impact account takeovers across industries.
[ Load more ]