
89 matches found

ThreatPost
added 2021/12/07 1:24 p.m., 29 views

SolarWinds Attackers Spotted Using New Tactics, Malware

One year after the notorious and far-reaching SolarWinds supply-chain attacks, its orchestrators are on the offensive again. Researchers said they’ve seen the threat group – which Microsoft refers to as “Nobelium” and which is linked to Russia’s spy agency – compromising global business and...

8.1 AI score
Exploits: 0, References: 12

ThreatPost
added 2021/10/25 7:16 p.m., 18 views

SolarWinds APT Targets Tech Resellers in Latest Supply-Chain Cyberattacks

The SolarWinds attackers – an advanced persistent threat (APT) known as Nobelium – have started a new wave of supply-chain intrusions, this time using the technology reseller/service provider community to attack their targets. The activity has affected victims in North America and Europe thus far,...

7.4 AI score
Exploits: 0, References: 5

ThreatPost
added 2021/07/23 9:52 p.m., 133 views

Discord CDN and API Abuses Drive Wave of Malware Detections

Discord has a malware problem. And although the platform is predominantly used by gamers, it turns out even users who have never interacted with Discord are at risk. Discord creates servers or specific groups or communities of users who can send voice, text and other media messages between one...

7.4 AI score
Exploits: 0, References: 7

Malwarebytes
added 2021/06/30 2:6 p.m., 44 views

Second colossal LinkedIn “breach” in 3 months, almost all users affected

LinkedIn has reportedly been breached—again—following reports of a massive sale of information scraped from 500M LinkedIn user profiles in the underground in May. According to Privacy Shark, the VPN company who first reported on this incident, a seller called TomLiner showed them he was in...

7 AI score
Exploits: 0

Hacker One
added 2021/03/25 1:24 p.m., 14 views

BlockFi: User Information Disclosure via waitlist.blockfi.com Prefinery Abuse

Summary: User Information including email address, home address, IP address, browser type and version, name, and more can be easily scraped by abusing the Prefinery API behind waitlist.blockfi.com. Using a GET request and enumerating users based on the userID, the entire waitlist user group can...

6.5 AI score
Exploits: 0

ThreatPost
added 2020/12/23 5:11 p.m., 289 views

Third-Party APIs: How to Prevent Enumeration Attacks

When organizations use APIs – the next frontier in cybercrime – to engage with third parties, it’s crucial they understand the associated security exposure they’re introducing. To do so, they must think like a hacker to evaluate whether or not they are introducing a problem or a solution for thei...

0.7 AI score
Exploits: 0, References: 3

OSV
added 2020/08/21 7:15 p.m., 1 views

CVE-2019-11848

An API abuse vulnerability exists in the AT command API of ALEOS before 4.13.0, 4.9.5, 4.4.9 due to lack of length checking when handling certain user-provided values...

7.2 CVSS, 7.1 AI score, 0.01086 EPSS
Exploits: 0, References: 1

Prion
added 2020/08/21 7:15 p.m., 18 views

Design/Logic Flaw

An API abuse vulnerability exists in the AT command API of ALEOS before 4.13.0, 4.9.5, 4.4.9 due to lack of length checking when handling certain user-provided values...

6.5 CVSS, 7 AI score, 0.01086 EPSS
Exploits: 0, References: 1, Affected Software: 1

CVE
added 2020/08/21 6:44 p.m., 62 views

CVE-2019-11848

CVE-2019-11848 is an API abuse vulnerability in the ALEOS AT Command API. The issue arises from lack of length checking when handling certain user-supplied values, affecting ALEOS versions prior to 4.13.0, 4.9.5, and 4.4.9. The connected sources corroborate the affected component (AT Command API)...

7.2 CVSS, 5.6 AI score, 0.01086 EPSS
Exploits: 0, References: 1, Affected Software: 1

Cvelist
added 2020/08/21 6:44 p.m., 13 views

CVE-2019-11848 ALEOS AT Command API Abuse

An API abuse vulnerability exists in the AT command API of ALEOS before 4.13.0, 4.9.5, 4.4.9 due to lack of length checking when handling certain user-provided values...

4.1 CVSS, 7.1 AI score, 0.01086 EPSS
Exploits: 0, References: 1

NVD
added 2019/12/03 11:15 a.m., 26 views

CVE-2019-3666

API Abuse/Misuse vulnerability in the web interface in McAfee Web Advisor (WA) prior to 4.1.1.48 allows remote unauthenticated attacker to allow the browser to navigate to restricted websites via a carefully crafted web site...

6.5 CVSS, 6.4 AI score, 0.01524 EPSS
Exploits: 0, References: 1

Cvelist
added 2019/12/03 10:55 a.m., 23 views

CVE-2019-3666 API Abuse Vulnerability

API Abuse/Misuse vulnerability in the web interface in McAfee Web Advisor (WA) prior to 4.1.1.48 allows remote unauthenticated attacker to allow the browser to navigate to restricted websites via a carefully crafted web site...

6.5 CVSS, 6.5 AI score, 0.01524 EPSS
Exploits: 0, References: 1

CVE
added 2019/12/03 10:55 a.m., 51 views

CVE-2019-3666

CVE-2019-3666 affects McAfee Web Advisor (WA) web interface prior to version 4.1.1.48. The vulnerability is described as an API abuse/misuse in the WA web interface that allows a remote, unauthenticated attacker to induce the browser to navigate to restricted websites via a specially crafted web ...

6.5 CVSS, 6.4 AI score, 0.01524 EPSS
Exploits: 0, References: 1, Affected Software: 1

OSV
added 2019/09/08 5:15 p.m., 6 views

CVE-2019-16101

Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows remote attackers to obtain potentially sensitive stack traces by sending incorrect JSON data to the REST API, such as the rest/json/banners URI...

5.3 CVSS, 6.1 AI score, 0.0149 EPSS
Exploits: 0, References: 1

OSV
added 2019/05/10 12:29 p.m., 2 views

CVE-2019-1867

A vulnerability in the REST API of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to bypass authentication on the REST API. The vulnerability is due to improper validation of API requests. An attacker could exploit this vulnerability by sending a crafted...

10 CVSS, 7.5 AI score, 0.30342 EPSS
Exploits: 0, References: 1

GithubExploit
added 2019/02/12 6:2 a.m., 4 views

Exploit for Incorrect Authorization in Canonical Snapd

dirtysock: Linux Privilege Escalation via snapd In January...

10 CVSS, 7.3 AI score, 0.61075 EPSS
Exploits: 10

ThreatPost
added 2018/05/18 12:45 p.m., 15 views

Misconfigured Reverse Proxy Servers Spill Credentials

Researchers have created a proof-of-concept attack that allows unauthenticated adversaries to extract user credentials from misconfigured reverse proxy servers in order to delete, manipulate or extract data from websites and applications. The proof-of-concept (PoC) attack targets major cloud...

0.1 AI score
Exploits: 0, References: 1

NVD
added 2016/12/15 6:59 a.m., 17 views

CVE-2016-4046

An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev11. The API to configure external mail accounts can be abused to map and access network components within the trust boundary of the operator. Users can inject arbitrary hosts and ports to API calls. Depending on the response typ...

5.8 CVSS, 5.6 AI score, 0.01189 EPSS
Exploits: 1, References: 2

Prion
added 2016/12/15 6:59 a.m., 15 views

Information disclosure

An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev11. The API to configure external mail accounts can be abused to map and access network components within the trust boundary of the operator. Users can inject arbitrary hosts and ports to API calls. Depending on the response typ...

5 CVSS, 6.9 AI score, 0.01189 EPSS
Exploits: 1, References: 2, Affected Software: 1

Cvelist
added 2016/12/15 6:31 a.m., 16 views

CVE-2016-4046

An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev11. The API to configure external mail accounts can be abused to map and access network components within the trust boundary of the operator. Users can inject arbitrary hosts and ports to API calls. Depending on the response typ...

5.7 AI score, 0.01189 EPSS
Exploits: 1, References: 2