Tag Archives: vulnerable

A recent discovery has unveiled vulnerabilities in multiple hosted, outbound SMTP servers, allowing authenticated users and certain trusted networks to send emails with spoofed sender information.

These vulnerabilities, CVE-2024-7208 and CVE-2024-7209, exploit weaknesses in the authentication and verification mechanisms provided by Sender Policy Framework (SPF) and Domain Key Identified Mail (DKIM).

Domain-based Message Authentication, Reporting, and Conformance (DMARC), which builds on SPF and DKIM, is circumvented, enabling attackers to bypass security measures and spoof sender identities.

Technical Description of the Vulnerabilities

The vulnerabilities stem from the SMTP protocol’s inherent insecurity, as outlined in RFC 5321 #7.1. SPF…

Tens of thousands of Microsoft Exchange servers are vulnerable to a flaw that is already being abused in the wild, experts have warned.

The vulnerability, tracked as CVE-2024-21410, is a privilege escalation flaw that allows threat actors to perform NTLM relay attacks on Microsoft Exchange Servers and escalate their privileges on the target endpoint. As a result, they could steal sensitive information and confidential data being shared via email, or could use the access as a stepping stone for more devastating attacks. 

Nepal has witnessed an exponential 340 per cent annual growth in publicly reported hacking incidents against private and public sector digital infrastructure, according to police statistics. This surging epidemic of intrusions has been enabled by untreated flaws permeating networks and deficiencies around oversight, allowing websites and databases to be easily penetrated by even novice hackers.

The vectors for such website breaches predominantly include SQL injection attacks and distributed denial of service (DDoS) salvos – together underlying over 85 per cent of documented cybercrime cases with technical evidence and attack forensics.

As compared to Server Loss, SQL injection is one of the critical vulnerabilities which lead to taking over the database of the server, SQL injection…

Adam Bannister

11 August 2021 at 10:58 UTC

Updated: 11 August 2021 at 11:02 UTC

Pen testers and vendor disagree over appropriate mitigations

Security researchers have achieved remote code execution (RCE) on web hosting platform cPanel & WHM after bypassing CSRF protections and escalating privileges via a stored cross-site scripting (XSS) vulnerability.

cPanel & WHM is a suite of Linux tools that enable the automation of web hosting tasks via a graphical user interface (GUI). cPanel is used in the hosting of more than 168,000 websites, according to Datanyze.

During a black-box pen test, RCE was also demonstrated via a “more convoluted” cross-site WebSocket hijacking attack that was…

Adam Bannister

11 August 2021 at 10:58 UTC

Updated: 11 August 2021 at 14:32 UTC

Pen testers and vendor disagree over appropriate mitigations

Security researchers have achieved remote code execution (RCE) and privilege escalation on web hosting platform cPanel & WHM via a stored cross-site scripting (XSS) vulnerability.

cPanel & WHM is a suite of Linux tools that enable the automation of web hosting tasks via a graphical user interface (GUI). cPanel is used in the hosting of more than 168,000 websites, according to Datanyze.

During a black-box pen test, RCE was also demonstrated via a “more convoluted” CSRF bypass chained with a cross-site WebSocket hijacking attack that was possible…