
134 matches found

The Hacker News
added 2024/10/09 4:22 a.m. · 16 views

Microsoft Detects Growing Use of File Hosting Services in Business Email Compromise Attacks

Microsoft is warning of cyber attack campaigns that abuse legitimate file hosting services such as SharePoint, OneDrive, and Dropbox that are widely used in enterprise environments as a defense evasion tactic. The end goal of the campaigns are broad and varied, allowing threat actors to compromis...

AI score: 7.4 · Exploits: 0

CNVD
added 2023/12/12 12:00 a.m. · 4 views

Muon Security Feature Issue Vulnerability

Muon is a minimalist private self-destructing file-hosting web server written in Clojure. A security signature issue vulnerability exists in Muon version 0.1.1. An attacker could exploit this vulnerability to cause a random value insufficiency...

CVSS: 7.5 · AI score: 6.7 · EPSS: 0.00292 · Exploits: 0 · References: 1

The Hacker News
added 2023/09/04 8:40 a.m. · 46 views

Vietnamese Cybercriminals Targeting Facebook Business Accounts with Malvertising

Malicious actors associated with the Vietnamese cybercrime ecosystem are leveraging advertising-as-a-vector on social media platforms such as Meta-owned Facebook to distribute malware. "Threat actors have long used fraudulent ads as a vector to target victims with scams, malvertising, and more,"...

AI score: 7.5 · Exploits: 0

Positive Technologies
added 2023/03/14 12:00 a.m. · 1 view

PT-2023-2103 · Microsoft · Onedrive For Macos +1

Name of the Vulnerable Software and Affected Versions: OneDrive for Windows affected versions not specified OneDrive for MacOS affected versions not specified Description: The issue is related to insufficient access restrictions in the file hosting service, which can be exploited by an attacker t...

CVSS: 7.8 · AI score: 9.3 · EPSS: 0.01149 · Exploits: 0 · References: 4

Malwarebytes
added 2022/09/28 10:30 a.m. · 20 views

Erbium stealer on the hunt for data

There's a new slice of malware-as-a-service doing the rounds, although its actual newness is somewhat contested. The stealer, called Erbium, was first spotted on forums back in July 2022, but it seems nobody is quite sure when it started being deployed and snagging victims. Nevertheless, it is now...

AI score: 7.4 · Exploits: 0

Schneier on Security
added 2021/02/08 12:34 p.m. · 53 views

NoxPlayer Android Emulator Supply-Chain Attack

It seems to be the season of sophisticated supply-chain attacks. This one is in the NoxPlayer Android emulator: ESET says that based on evidence its researchers gathered, a threat actor compromised one of the company's official API (api.bignox.com) and file-hosting servers (res06.bignox.com). Using th...

AI score: 1.1 · Exploits: 0

Packet Storm
added 2021/02/08 12:00 a.m. · 213 views

YetiShare File Hosting Script 5.1.0 Server-Side Request Forgery

Title: YetiShare File Hosting Script 5.1.0 - 'url' Server-Side Request Forgery Date: 09.01.2021 Author: Numan Türle Vendor Homepage: https://mfscripts.com Software Link: https://yetishare.com Version: v5.1.0 Tested on: YetiShare - File Hosting Script v5.1.0, Php Version : 7.4 Summary ---------...

AI score: 0.9 · Exploits: 0

Exploit DB
added 2021/02/08 12:00 a.m. · 369 views

YetiShare File Hosting Script 5.1.0 - 'url' Server-Side Request Forgery

Title: YetiShare File Hosting Script 5.1.0 - 'url' Server-Side Request Forgery Date: 09.01.2021 Author: Numan Türle Vendor Homepage: https://mfscripts.com Software Link: https://yetishare.com Version: v5.1.0 Tested on: YetiShare - File Hosting Script v5.1.0, Php Version : 7.4 Summary ---------...

AI score: 7.4 · Exploits: 0

Kitploit
added 2021/02/04 8:30 p.m. · 59 views

Satellite - Easy-To-Use Payload Hosting

Satellite is a web payload hosting service which filters requests to ensure the correct target is getting a payload. This can also be a useful service for hosting files that should be only accessed in very specific circumstances. Quickstart Guide 1. Install satellite on Ubuntu using the .deb fil...

AI score: 7.2 · Exploits: 0 · References: 5

CNNVD
added 2020/12/10 12:00 a.m. · 1 view

Soliton Systems Kk FileZen Path Traversal Vulnerability

Soliton Systems Kk FileZen is a file hosting device from Soliton Systems Kk, Japan. The device features file storage, file transfer, file upload and download. A security vulnerability exists in Soliton Systems FileZen that originates from an input validation error when processing a directory...

CVSS: 10 · AI score: 7.2 · EPSS: 0.09206 · Exploits: 0 · References: 5

Kitploit
added 2020/04/27 9:30 p.m. · 72 views

DeathRansom - A Ransomware Developed In Python, With Bypass Technics, For Educational Purposes

What is a ransomware? A ransomware is malware that encrypts all your files and shows a ransom request, which tells you to pay a set amount, usually in bitcoins (BTC), in a set time to decrypt your files, or he will delete your files. How it works? First, the script checks if it's in a sandbox,...

AI score: 7.2 · Exploits: 0 · References: 1

Kitploit
added 2020/04/17 1:00 p.m. · 52 views

Pwndrop - Self-Deployable File Hosting Service For Red Teamers, Allowing To Easily Upload And Share Payloads Over HTTP And WebDAV

pwndrop is a self-deployable file hosting service for sending out red teaming payloads or securely sharing your private files over HTTP and WebDAV. If you've ever needed to quickly set up an nginx/apache web server to host your files and you were never happy with the limitations of python -m...

AI score: 7 · Exploits: 0 · References: 2

CNVD
added 2019/12/31 12:00 a.m. · 1 view

Mellow Fish YetiShare Cross-Site Scripting Vulnerability (CNVD-2020-00223)

Mellow Fish YetiShare is a PHP-based file hosting web system script from Mellow Fish UK. A cross-site scripting vulnerability exists in the logfileviewer.php file in Mellow Fish YetiShare versions 3.5.2 through 4.5.3. The vulnerability stems from a lack of proper validation of client-side data by...

CVSS: 6.1 · AI score: 6.4 · EPSS: 0.00328 · Exploits: 1 · References: 1

CNVD
added 2019/12/31 12:00 a.m. · 2 views

MFScripts YetiShare Cross-Site Scripting Vulnerability

Mellow Fish YetiShare is a PHP-based file hosting web system script from Mellow Fish UK. A cross-site scripting vulnerability exists in the getallfileserverpaths.ajax.php file in Mellow Fish YetiShare versions 3.5.2 through 4.5.3. The vulnerability stems from a lack of proper validation of...

CVSS: 6.1 · AI score: 6.4 · EPSS: 0.00328 · Exploits: 1 · References: 1

CNVD
added 2019/12/31 12:00 a.m. · 2 views

Mellow Fish YetiShare Cross-Site Scripting Vulnerability

Mellow Fish YetiShare is a PHP-based file hosting web system script from Mellow Fish UK. A security vulnerability exists in Mellow Fish YetiShare versions 3.5.2 through 4.5.3, which stems from the program not setting the HttpOnly flag on session cookies. An attacker can exploit the vulnerability ...

CVSS: 6.1 · AI score: 6.8 · EPSS: 0.00275 · Exploits: 0 · References: 1

Hacker One
added 2019/06/02 7:16 a.m. · 13 views

Node.js third-party modules: [public] Path traversal using symlink

I would like to report Path traversal vulnerability in public module Module module name: public version: 0.1.4 npm page: https://www.npmjs.com/package/public Module Description Run static file hosting server with specified public dir & port. Support a "directory index" like Apache httpd. Module...

AI score: 1 · Exploits: 0

CNVD
added 2018/06/13 12:00 a.m. · 1 view

public node module path traversal vulnerability

The public node module is a module that can run a static file hosting server using a public directory and port. A path traversal vulnerability exists in the public node module, which stems from the program's lack of detection of file paths. An attacker could use this vulnerability to read the...

CVSS: 7.5 · AI score: 7.4 · EPSS: 0.00347 · Exploits: 1 · References: 1

FireEye
added 2018/04/24 11:00 a.m. · 1901 views

Metamorfo Campaigns Targeting Brazilian Users

FireEye Labs recently identified several widespread malspam (malware spam) campaigns targeting Brazilian companies with the goal of delivering banking Trojans. We are referring to these campaigns as Metamorfo. Across the stages of these campaigns, we have observed the use of several tactics and...

Exploits: 0

Hacker One
added 2018/02/15 8:03 a.m. · 23 views

Node.js third-party modules: [public] Stored XSS in filenames in directory served by public

Hi Guys, public allows to embed HTML in file names, which in certain conditions might lead to execute malicious JavaScript. I put https://www.npmjs.com/package/public in Weakness section - 'Where is the stored content accessible?' because it does not allow me to open report with...

CVSS: 4.3 · AI score: 5.8 · EPSS: 0.00268 · Exploits: 1

Exploit DB
added 2018/01/03 12:00 a.m. · 50 views

WDMyCloud < 2.30.165 - Multiple Vulnerabilities

WDMyCloud Multiple Vulnerabilities Vendor: Western Digital Product: WDMyCloud Version: = 2.30.165 Website: https://www.wdc.com/products/network-attached-storage.html GulfTech Research and Development...

AI score: 7.4 · Exploits: 0