Tag Archives: flaw

Amazon Web Services (AWS) Managed Workflows for Apache Airflow (MWAA) carried a flaw which allowed threat actors to hijack people’s sessions and execute malicious code on underlying instances, remotely, experts have warned.

Cybersecurity researchers Tenable discovered the vulnerability and dubbed it FlowFixation, explaining the vulnerability stems from both session fixation on the AWS MWAA web management platform, and a misconfiguration in the AWS domain. These two open the doors for a cross-site scripting (XSS) attack. 

Experts have warned popular iOS productivity app was flawed in a way that allowed threat actors to steal sensitive data from the vulnerable device.

The app in question is called Apple Shortcuts, and it acts as a nifty little time-saving widget that allows apps to interact with one another on specific tasks and thus generate useful actions, such as using it to determine the user’s location, calculate how much time it would take to get home, and send that information via SMS, to a contact. 

Tens of thousands of Microsoft Exchange servers are vulnerable to a flaw that is already being abused in the wild, experts have warned.

The vulnerability, tracked as CVE-2024-21410, is a privilege escalation flaw that allows threat actors to perform NTLM relay attacks on Microsoft Exchange Servers and escalate their privileges on the target endpoint. As a result, they could steal sensitive information and confidential data being shared via email, or could use the access as a stepping stone for more devastating attacks. 

Top VPN provider ExpressVPN was notified of a bug in one of its products, and was forced to disable a popular feature until they can deploy a fix.

In a blog post, the company said Attila Tomaschek, a VPN expert and CNET’s staff writer, reached out recently after having observed DNS requests on his Windows computer not being redirected to ExpressVPN’s dedicated servers, as they should have been. Tomaschek was using the Version 12 app for windows, and had the split tunneling feature turned on. 

Digital Defence has disclosed details of a two-factor authentication vulnerability in web hosting platform cPanel & WebHost Manager (WHM). WHM is the management system behind more than 70 million domains. The vulnerability allowed the two-factor authentication to be subjected to a brute force attack. Digital Defence was able to show it took just minutes for a successful attack to take place.

However, there is a caveat. The attacker would need knowledge of, or access to valid credentials. This narrows the attack surface to stolen credentials or insider attacks. That still means more than 70 million sets of credentials (assuming one per domain). It also means that web hosting firms will need to make sure they have updated all instances of WHM.

cPanel moves to…