115 matches found
WordPress SendGrid plugin <= 1.11.8 - Authenticated Authorization Bypass vulnerability
Authenticated Authorization Bypass vulnerability discovered by Prashant Baldha in WordPress SendGrid plugin versions <= 1.11.8. Solution: This plugin has been closed as of July 13, 2021 and is not available for download. This closure is permanent...
VulnCheck KEV: CVE-2021-34629
The SendGrid WordPress plugin is vulnerable to authorization bypass via the getajaxstatistics function found in the /lib/class-sendgrid-statistics.php file, which allows authenticated users to export statistics for a WordPress multi-site main site, in versions up to and including 1.11.8...
Spam and phishing in Q3 2020
Quarterly highlights. Worming their way in: cybercriminal tricks of the trade. These days, many companies distribute marketing newsletters via online platforms. In terms of capabilities, such platforms are quite diverse: they send out advertising and informational messages, harvest statistics for...
Unhappy Hour Special: KEGTAP and SINGLEMALT With a Ransomware Chaser
Throughout 2020, ransomware activity has become increasingly prolific, relying on an ecosystem of distinct but co-enabling operations to gain access to targets of interest before conducting extortion. Mandiant Threat Intelligence has tracked several loader and backdoor campaigns that lead to the...
Voter Registration ‘Error’ Phish Hits During U.S. Election Frenzy
Cybercriminals are tapping into this week’s political frenzy with a new phishing lure that warns U.S. targets that their voter registration data needs extra details. The emails purport to come from the U.S. Election Assistance Commission, an independent agency of the United States...
Fedora 32 : php-symfony4 (2020-16eb328853)
Version 4.4.13 (2020-09-02)
- security CVE-2020-15094: Remove headers with internal meaning from HttpClient responses (mpdude)
- bug 38024 Console: Fix undefined index for inconsistent command name definition (chalasr)
- bug 38023 DI: fix inlining of non-shared services (nicolas-grekas)
- bug 38020...
Sendgrid Under Siege from Hacked Accounts
Email service provider Sendgrid is grappling with an unusually large number of customer accounts whose passwords have been cracked, sold to spammers, and abused for sending phishing and email malware attacks. Sendgrid's parent company Twilio says it is working on a plan to require multi-factor...
TrickBot Adds BazarBackdoor to Malware Arsenal
A new module for the infamous trojan known as TrickBot has been deployed: A stealthy backdoor that researchers call “BazarBackdoor.” The binary was first spotted being delivered as part of a phishing campaign that began in March, according to an analysis from Panda Security this week. The campaig...
Django: Email Spoofing Possible on djangoproject.com Email Domain
Summary: Due to the lack of an SPF and DMARC record, it is possible to spoof emails from djangoproject.com. This could potentially be used to trick employees, customers or clients via phishing emails. Description: Mail servers rely on both SPF and DMARC to properly deal with email spoofing. SPF shows...
Khan Academy: Possible Take Over Subdomain For Inbound Emails
Hello KhanAcademy Security Team, I'm rootbakar. The researcher identified that the affected URL points to sendgrid.net via a DNS CNAME record. As a result of this, an attacker could potentially initiate a subdomain takeover by registering the subdomain sendgrid.khanacademy.org on sendgrid and...
Uber: Information Leakage - GitHub - VCenter configuration scripts, StorMagic usernames and password along with default ESXi root password
@peuch found data exposure on Github - expired passwords and usernames for ESXi, a bare-metal hypervisor. The researcher also found credentials to a SendGrid instance uberinfradevtools, which would have allowed them to log in to SendGrid and send email from any @uber.com address. However, this wou...
Udemy: Completed Compromise & Source Code Disclosure via Exposed Jenkins Dashboard at https://jenkins101.udemy.com
Howdy, @udemy! Summary: I am writing to inform you of a critical information disclosure bug via an exposed Jenkins dashboard located at https://jenkins101.udemy.com. Upon navigating to this address, I was asked to authenticate with my Github account. After authenticating, I was surprised ...
Vulnerability worth about a million dollars allows reading Uber's internal mail - vulnerability warning - the black bar safety net
Overview: It is understood that a vulnerability was found in Uber's site system; an attacker exploiting it could freely read Uber's internal mail. According to Uber's vulnerability reward program, the vulnerability is worth about one million dollars. Foreword ...
Reading Uber’s Internal Emails [Uber Bug Bounty report worth $10,000]
After a recent finding about one of Uber’s subdomain takeovers was publicly disclosed, I looked into Uber to find similar bugs. One of my colleagues, Abhibandu Kafle, pointed out that em.uber.com also had a CNAME pointing to SendGrid and could be vulnerable to a similar kind of issue. I had limited...
SendGrid Email Delivery Service Hack
SendGrid, which sells a cloud-based email delivery service, has admitted that the extent of a hack disclosed three weeks ago was much more serious than originally reported. The company said an employee account was compromised and used to access other systems that contained customer and employee...