VMware urges customers to uninstall the deprecated Enhanced Authentication Plugin (EAP) after the disclosure of a critical flaw CVE-2024-22245. VMware is urging users to uninstall the deprecated Enhanced Authentication Plugin (EAP) after the discovery of an arbitrary authentication relay flaw CVE-2024-22245Â (CVSS score: 9.6). A threat actor could trick a domain user with EAP installed in […]
A Portuguese security expert has uncovered the Cupid attack, a new Heartbleed attack vector which can impact Android devices, enterprise wireless networks and other connected devices. Cupid is the name of the new Heartbleed attack method recently proposed by Portuguese security researcher Luis Grangeia, unlike the original version of the attack, which took place on TLS connections over TCP, […]