evolution, evolution-data-server, evolution-ews bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

The biggest update you’ll barely see

Its been more than 10 years since ThreadFix had its first lines of code written by its creator, Dan Cornell, as a means of solving a very pervasive issue in the application security space. While it quickly became a popular talking point at conferences and app sec parties they exist!, it was never...

NewStart CGSL MAIN 6.02 : evolution-data-server Vulnerability (NS-SA-2021-0128)

The remote NewStart CGSL host, running version MAIN 6.02, has evolution-data-server packages installed that are affected by a vulnerability: - evolution-data-server eds through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a begin TLS response, eds reads...

Russian-speaking cybercrime evolution: What changed from 2016 to 2021

Experts at Kaspersky have been investigating various computer incidents on a daily basis for over a decade. Having been in the field for so long, we have witnessed some major changes in the cybercrime worlds modus operandi. This report shares our insights into the Russian-speaking cybercrime worl...

CVE-2021-31356

A command injection vulnerability in command processing on Juniper Networks Junos OS Evolved allows an attacker with authenticated CLI access to be able to bypass configured access protections to execute arbitrary shell commands within the context of the current user. The vulnerability allows an...

30 Mins or Less: Rapid Attacks Extort Orgs Without Ransomware

In less time than it takes to get a stuffed crust pizza delivered, a new group called SnapMC can breach an organization’s systems, steal their sensitive data, and demand payment to keep it from being published, according to a new report from NCC Group’s threat intelligence team — no ransomware...

How cyberattacks are changing according to new Microsoft Digital Defense Report

In 2021, cybercrime has become more sophisticated, widespread, and relentless. Criminals have targeted critical infrastructure—healthcare,1 information technology,2 financial services,3 energy sectors4—with headline-grabbing attacks that crippled businesses and harmed consumers. But there are...

Hackers Are Going ‘Deep-Sea Phishing,’ So What Can You Do About It?

Hackers are upping their game, using an approach I call “Deep Sea Phishing,” which is the use of a combination of the techniques described below to become more aggressive. To keep pace, cybersecurity innovators have been working diligently to develop tools, techniques and resources to improve...

Catching the big fish: Analyzing a large-scale phishing-as-a-service operation

In researching phishing attacks, we came across a campaign that used a rather high volume of newly created and unique subdomains—over 300,000 in a single run. This investigation led us down a rabbit hole as we unearthed one of the operations that enabled the campaign: a large-scale...

Which Online Shopping Experience Should I Try Today?

Do you remember the first time you made an online purchase? Me neither. I?ve made so many online purchases over the years, and I?ve probably made more in the past 18 months than in the past 5 years combined...

Evolution CMS 3.1.6 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Evolution CMS 3.1.6 - Remote Code Execution RCE Authenticated Date: 15-09-2021 Exploit Author: Halit AKAYDIN hLtAkydn Vendor Homepage: https://evo.im/ Software Link: https://github.com/evolution-cms/evolution/releases Version: 3.1.6 Category: Webapps Tested on: Linux/Windows Exampl...

Evolution CMS 3.1.6 - Remote Code Execution (Authenticated) Exploit

Exploit Title: Evolution CMS 3.1.6 - Remote Code Execution RCE Authenticated Exploit Author: Halit AKAYDIN hLtAkydn Vendor Homepage: https://evo.im/ Software Link: https://github.com/evolution-cms/evolution/releases Version: 3.1.6 Category: Webapps Tested on: Linux/Windows Example: python3...

Evolution CMS 3.1.6 Remote Code Execution

Exploit Title: Evolution CMS 3.1.6 - Remote Code Execution RCE Authenticated Date: 15-09-2021 Exploit Author: Halit AKAYDIN hLtAkydn Vendor Homepage: https://evo.im/ Software Link: https://github.com/evolution-cms/evolution/releases Version: 3.1.6 Category: Webapps Tested on: Linux/Windows Exampl...

The Rise of Disruptive Ransomware Attacks: A Call To Action

Our collective use of and dependence on technology has come quite a long way since 1989. That year, the first documented ransomware attack — the AIDS Trojan — was spread via physical media 5 1⁄4" floppy disks delivered by the postal service to individuals subscribed to a mailing list. The malware...

CVE-2021-39361

In GNOME evolution-rss through 0.3.96, network-soup.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011...

DEBIAN-CVE-2021-39361

In GNOME evolution-rss through 0.3.96, network-soup.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011...

CVE-2021-39361

In GNOME evolution-rss through 0.3.96, network-soup.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011...

UBUNTU-CVE-2021-39361

In GNOME evolution-rss through 0.3.96, network-soup.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011...

CVE-2021-39361

In GNOME evolution-rss through 0.3.96, network-soup.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011...

Code injection

In GNOME evolution-rss through 0.3.96, network-soup.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011...