91 matches found
CVE-2024-33775
An issue with the Autodiscover component in Nagios XI 2024R1.01 allows a remote attacker to escalate privileges via a crafted Dashlet...
autodiscover.comunidad.itam.mx Cross Site Scripting vulnerability OBB-3780726
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
autodiscover.rezervace.jogaletna.cz Cross Site Scripting vulnerability OBB-3279323
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Rackspace Confirms Play Ransomware Gang Responsible for Recent Breach
Cloud services provider Rackspace on Thursday confirmed that the ransomware gang known as Play was responsible for last month's breach. The security incident, which took place on December 2, 2022, leveraged a previously unknown security exploit to gain initial access to the Rackspace Hosted...
Exploit for CVE-2022-41080
CVE-2022-41080 Desc - CrowdStrike recently discovered a n...
Ransomware Hackers Using New Way to Bypass MS Exchange ProxyNotShell Mitigations
Threat actors affiliated with a ransomware strain known as Play are leveraging a never-before-seen exploit chain that bypasses blocking rules for ProxyNotShell flaws in Microsoft Exchange Server to achieve remote code execution (RCE) through Outlook Web Access (OWA). "The new exploit method bypasses...
Microsoft Exchange Autodiscover Server-Side Request Forgery Privilege Escalation Vulnerability
This vulnerability allows remote attackers to escalate privileges on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the Autodiscover service. The issue results from the lack of proper validation of a URI prio...
Exploit for Server-Side Request Forgery in Microsoft
CVE-2022-41040 Microsoft Exchange vulnerable to server-side...
Microsoft Exchange vulnerable to server-side request forgery and remote code execution.
Overview: Microsoft Exchange Server 2019, Exchange Server 2016 and Exchange Server 2013 are vulnerable to a server-side request forgery (SSRF) attack and remote code execution. An authenticated attacker can use the combination of these two vulnerabilities to elevate privileges and execute arbitrary...
[Security Nation] Amit Serper on Finding Leaks in Autodiscover
In this episode of Security Nation, Jen and Tod chat with Amit Serper, Director of Security Research at Akamai, on his work uncovering a flaw in the Autodiscover...
Microsoft Exchange Server Autodiscover Cross-Site Scripting
Microsoft Exchange Server versions 2019 before cumulative update 11, 2016 before cumulative update 22 and 2013 before cumulative update 23 are affected by a cross-site scripting vulnerability through the autodiscover/autodiscover.json endpoint. By crafting a specific URL, an attacker could target...
Security News: Microsoft Patch Tuesday October 2021, Autodiscover, MysterySnail, Exchange, DNS, Apache, HAProxy, VMware vCenter, Moodle
Hello everyone! This episode will be about relatively recent critical vulnerabilities. Let's start with Microsoft Patch Tuesday for October 2021. Specifically, with the vulnerability that I expected there, but it didn't get there. Autodiscover leak discovered by Guardicore Labs "Autodiscover, a...
Office 365 Spy Campaign Targets US Military Defense
A new threat actor, dubbed DEV-0343, has been spotted attacking U.S. and Israeli defense technology companies, Persian Gulf ports of entry and global maritime transportation companies with ties to the Middle East. The threat actor’s goal is Microsoft Office 365 account takeovers. Microsoft, which...
A week in security (Sept 27 – Oct 3)
Last week on Malwarebytes Labs: Teaching cybersecurity skills to special needs children with Alana Robinson (Lock and Code S02E18); Phone screenshots accidentally leaked online by stalkerware-type company; FoggyWeb, analysis of a Nobelium backdoor; Instagram Kids put on hold; Microsoft, CISA and NSA...
[Security Nation] Rob Graham on Mike Lindell's Cyber Symposium
In this episode of Security Nation, Jen and Tod chat with Rob Graham of Errata Security about his experience attending pillow magnate Mike Lindell's Cyber...
Exchange/Outlook Autodiscover Bug Spills $100K+ Email Passwords
Guardicore security researcher Amit Serper has discovered a severe design bug in Microsoft Exchange’s autodiscover – a protocol that lets users easily configure applications such as Microsoft Outlook with just email addresses and passwords. The flaw has caused the Autodiscover service to leak...
Microsoft Exchange Bug Exposes ~100,000 Windows Domain Credentials
An unpatched design flaw in the implementation of Microsoft Exchange's Autodiscover protocol has resulted in the leak of approximately 100,000 login names and passwords for Windows domains worldwide. "This is a severe security issue, since if an attacker can control such domains or has the abilit...
Microsoft Exchange Autodiscover flaw reveals users’ passwords
Researchers have been able to get hold of 372,072 Windows domain credentials, including 96,671 unique credentials, in slightly over 4 months by setting up a Microsoft Exchange server and using Autodiscover domains. The credentials that are being leaked are valid Windows domain credentials used to...
Autodiscovering the Great Leak
See the most recent research from Amit Serper on a vulnerability in Autodiscover from Microsoft Outlook that affects credential leaks...
The vulnerability of the mailboxd component (Autodiscover/Autodiscover.xml) in the Zimbra Collaboration Suite enterprise email management system allows a hacker to execute an XXE attack.
The vulnerability in the mailboxd component (Autodiscover/Autodiscover.xml) of the Zimbra Collaboration Suite enterprise email management system stems from improper restriction of XML external entity references. Exploiting this vulnerability could allow a malicious actor to execute an XXE atta...