CVE-2023-40004

Missing Authorization vulnerability in ServMask All-in-One WP Migration Box Extension, ServMask All-in-One WP Migration OneDrive Extension, ServMask All-in-One WP Migration Dropbox Extension, ServMask All-in-One WP Migration Google Drive Extension.This issue affects All-in-One WP Migration Box...

CVE-2023-40004 Unauth. Access Token Manipulation vulnerability in multiple ServMask WordPress plugins

Missing Authorization vulnerability in ServMask All-in-One WP Migration Box Extension, ServMask All-in-One WP Migration OneDrive Extension, ServMask All-in-One WP Migration Dropbox Extension, ServMask All-in-One WP Migration Google Drive Extension.This issue affects All-in-One WP Migration Box...

Description of the security update for SharePoint Enterprise Server 2016: June 11, 2024 (KB5002604)

Description of the security update for SharePoint Enterprise Server 2016: June 11, 2024 KB5002604 Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures...

PT-2024-4174

Name of the Vulnerable Software and Affected Versions Windows Cloud Files Mini Filter Driver affected versions not specified Description A heap-based buffer overflow exists in the Windows Cloud Files Mini Filter Driver cldflt.sys. This issue allows a local attacker to escalate privileges from a...

CVE-2024-34525

FileCodeBox 2.0 stores a OneDrive password and AWS key in a cleartext env file...

CVE-2024-34525

FileCodeBox 2.0 stores a OneDrive password and AWS key in a cleartext env file...

CVE-2024-34525

CVE-2024-34525 affects FileCodeBox 2.0, where a cleartext environment file stores sensitive credentials (OneDrive password and AWS key). Root cause is storing credentials in an unencrypted env file, enabling potential unauthorized access if the file is exposed. Documented remediation/recommendati...

CVE-2024-34525

FileCodeBox 2.0 stores a OneDrive password and AWS key in a cleartext env file...

PT-2024-25948 · Unknown · Filecodebox

Name of the Vulnerable Software and Affected Versions: FileCodeBox version 2.0 Description: The issue concerns the storage of sensitive information in cleartext. Specifically, FileCodeBox stores a OneDrive password and an AWS key in a cleartext env file. This poses a significant risk as it could...

FileCodeBox 安全漏洞

FileCodeBox is a file courier locker for vastsa personal developers. Files can be shared with an anonymous password. A security vulnerability exists in FileCodeBox version 2.0 that stems from allowing OneDrive passwords and AWS keys to be stored in plaintext environment files...

CVE-2024-34525

FileCodeBox 2.0 stores a OneDrive password and AWS key in a cleartext env file...

Hackers Increasingly Abusing Microsoft Graph API for Stealthy Malware Communications

Threat actors have been increasingly weaponizing Microsoft Graph API for malicious purposes with the aim of evading detection. This is done to "facilitate communications with command-and-control C&C infrastructure hosted on Microsoft cloud services," the Symantec Threat Hunter Team, part of...

How to back up your Windows 10/11 PC to OneDrive

They say the only backup you ever regret is the one you didnt make. Starting in Windows 10, the operating system OS now comes with a built-in tool to back up your files, themes, some settings, many of your installed apps, and your Wi-Fi information. First, you’ll need to sign in with your Microso...

Invoice Phishing Alert: TA866 Deploys WasabiSeed & Screenshotter Malware

The threat actor tracked as TA866 has resurfaced after a nine-month hiatus with a new large-volume phishing campaign to deliver known malware families such as WasabiSeed and Screenshotter. The campaign, observed earlier this month and blocked by Proofpoint on January 11, 2024, involved sending...

Description of the security update for SharePoint Enterprise Server 2016: January 9, 2024 (KB5002541)

Description of the security update for SharePoint Enterprise Server 2016: January 9, 2024 KB5002541 Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures...

OneDrive backup job fails with "Download request retry timeout exceeded"

Challenge During a OneDrive backup, the following error may occur while downloading a OneNote file .one: Failed to backup item: %path%, Download request retry timeout exceeded. This error will only be displayed when using one of the following versions of Veeam Backup for Microsoft 365: v7 P202312...

Russian SVR-Linked APT29 Targets JetBrains TeamCity Servers in Ongoing Attacks

Threat actors affiliated with the Russian Foreign Intelligence Service SVR have targeted unpatched JetBrains TeamCity servers in widespread attacks since September 2023. The activity has been tied to a nation-state group known as APT29, which is also tracked as BlueBravo, Cloaked Ursa, Cozy Bear,...

Agent Racoon Backdoor Targets Organizations in Middle East, Africa, and U.S.

Organizations in the Middle East, Africa, and the U.S. have been targeted by an unknown threat actor to distribute a new backdoor called Agent Racoon. "This malware family is written using the .NET framework and leverages the domain name service DNS protocol to create a covert channel and provide...

Hamas-Linked Group Revives SysJoker Malware, Leverages OneDrive

By Waqas Hamas launches a new variant of Rust-based, multi-platform backdoor sysJoker against targets in Israel. This is a post from HackRead.com Read the original post: Hamas-Linked Group Revives SysJoker Malware, Leverages OneDrive...

Hamas-Linked Cyberattacks Using Rust-Powered SysJoker Backdoor Against Israel

Cybersecurity researchers have shed light on a Rust version of a cross-platform backdoor called SysJoker, which is assessed to have been used by a Hamas-affiliated threat actor to target Israel amid the ongoing war in the region. "Among the most prominent changes is the shift to Rust language,...