548 matches found
Improper Certificate Validation
CKAN is vulnerable to Improper Certificate Validation. The vulnerability is due to insufficient validation of SMTP server certificates, allowing attackers to spoof the configured mail server using invalid or self-signed certificates and enabling man-in-the-middle attacks against email traffic and...
CVE-2024-5143
A user with device administrative privileges can change existing SMTP server settings on the device, without having to re-enter SMTP server credentials. By redirecting send-to-email traffic to the new server, the original SMTP server credentials may potentially be exposed...
PT-2025-7286 · Phpjabbers · Phpjabbers Hotel Booking System
Name of the Vulnerable Software and Affected Versions: PHPJabbers Hotel Booking System version 4.0 Description: A lack of rate limiting in the "Login Section, Forgot Email" feature allows attackers to send an excessive amount of reset requests for a legitimate user, leading to a possible Denial o...
CVE-2024-5143
The CVE-2024-5143 entry describes a vulnerability in HP LaserJet Pro printers where a user with device administrative privileges can modify SMTP server settings without re‑entering credentials. This can redirect send‑to‑email traffic to an attacker‑controlled SMTP server and potentially expose th...
Cyber Signals: Shifting tactics fuel surge in business email compromise
Today we released the fourth edition of Cyber Signals highlighting a surge in cybercriminal activity around business email compromise BEC. Microsoft has observed a 38 percent increase in cybercrime as a service CaaS targeting business email between 2019 and 2022.1 Successful BEC attacks cost...
Microsoft Defender for Office 365 receives highest award in SE Labs Enterprise Email Security Services test
In today’s evolving threat landscape, email represents the primary attack vector for cybercrime, making effective email protection a key component of any security strategy.1 In Q1 2022, Microsoft participated in an evaluation of email security solutions, carried out by SE labs—a testing lab focus...
Microsoft Exchange Server Information Disclosure
Microsoft Exchange Server contains an information disclosure vulnerability which can allow an unauthenticated attacker to steal email traffic from target...
VulnCheck KEV: CVE-2021-33766
Microsoft Exchange Server contains an information disclosure vulnerability which can allow an unauthenticated attacker to steal email traffic from target...
Mimecast Certificate Hacked in Supply-Chain Attack
A Mimecast-issued certificate used to authenticate some of the company’s products to Microsoft 365 Exchange Web Services has been “compromised by a sophisticated threat actor,” the company has announced. Mimecast provides email security services that customers can apply to their Microsoft 365...
Cyberattackers Ramp Up to 1.5M COVID-19 Emails Per Day
Cyberattackers have reached a peak of sending 1.5 million malicious emails per day related to the COVID-19 pandemic over the course of the last three months, according to new research. Research from Forcepoint analyzing coronavirus-themed attacks between Jan. 19 to April 18 found cybercriminals...
Threat Outbreak Alert RuleID33317: Email Messages Distributing Malicious Software on August 13, 2018
Medium Alert ID: 58703 First Published: 2018 August 15 15:55 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID33317 may contain the following files: Name |...
Threat Outbreak Alert RuleID33369: Email Messages Distributing Malicious Software on August 13, 2018
Medium Alert ID: 58748 First Published: 2018 August 15 13:21 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID33369 may contain the following files: Name |...
Threat Outbreak Alert RuleID33368: Email Messages Distributing Malicious Software on August 13, 2018
Medium Alert ID: 58746 First Published: 2018 August 15 13:21 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID33368 may contain the following files: Name |...
Threat Outbreak Alert RuleID33359: Email Messages Distributing Malicious Software on August 13, 2018
Medium Alert ID: 58740 First Published: 2018 August 15 12:48 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID33359 may contain the following files: Name |...
Threat Outbreak Alert RuleID33408: Email Messages Distributing Malicious Software on August 13, 2018
Medium Alert ID: 58696 First Published: 2018 August 14 18:29 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID33408 may contain the following files: Name |...
Threat Outbreak Alert RuleID33475: Email Messages Distributing Malicious Software on August 13, 2018
Medium Alert ID: 58683 First Published: 2018 August 13 18:36 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID33475 may contain the following files: Name |...
Threat Outbreak Alert RuleID33105: Email Messages Distributing Malicious Software on July 11, 2018
Medium Alert ID: 58429 First Published: 2018 July 11 14:25 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID33105 may contain the following files: Name | Siz...
Threat Outbreak Alert RuleID33131: Email Messages Distributing Malicious Software on July 5, 2018
Medium Alert ID: 58378 First Published: 2018 July 5 16:39 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID33131 may contain the following files: Name | Size...
Threat Outbreak Alert RuleID33069: Email Messages Distributing Malicious Software on July 4, 2018
Medium Alert ID: 58362 First Published: 2018 July 5 15:43 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID33069 may contain the following files: Name | Size...
Threat Outbreak Alert RuleID33038: Email Messages Distributing Malicious Software on June 22, 2018
Medium Alert ID: 58272 First Published: 2018 June 22 13:39 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID33038 may contain the following files: Name | Siz...