May 2, 2024 at 11:18AM Several Android apps in the Google Play Store were found vulnerable to a path traversal-affiliated exploit, allowing malicious apps to overwrite files in the vulnerable app’s home directory. The implications include arbitrary code execution and token theft. Vulnerable apps include Xiaomi File Manager and WPS Office, but the issue has … Read more
November 27, 2023 at 11:36AM Open-source file-sharing software ownCloud has been found to have critical vulnerabilities that could expose sensitive information and allow authentication bypass. The most severe vulnerability affects the graphapi app and reveals important PHP environment details, including sensitive data like admin passwords and license keys. Another vulnerability allows unauthorized access, modification, and … Read more
November 24, 2023 at 11:30PM The open-source file-sharing software ownCloud has warned users about three critical security flaws that could expose sensitive information and allow for file modification. The vulnerabilities involve disclosure of credentials and configuration, authentication bypass, and subdomain validation bypass. The company recommends specific fixes for each flaw. Additionally, a critical remote code … Read more
November 24, 2023 at 01:20PM Open-source file sharing software ownCloud has issued warnings about three critical security vulnerabilities. The first flaw exposes administrator passwords and mail server credentials. The second flaw allows unauthorized access to files without authentication. The third flaw bypasses subdomain validation in the OAuth2 library. Users are advised to apply recommended fixes … Read more
November 9, 2023 at 03:50AM A phishing campaign has been discovered where threat actors send emails with a link to a file-sharing solution called DRACOON.team. When victims click on the link, they are directed to a PDF document containing a secondary link that leads to a fake Microsoft 365 login page. The attackers use reverse … Read more
November 8, 2023 at 02:57PM Windows 11 is making security improvements by updating the Windows Defender Firewall rules for SMB shares. The changes include omitting inbound NetBIOS ports and allowing connections with SMB servers over custom network ports. Administrators can still configure and modify the firewall rules as needed. These updates aim to strengthen Windows … Read more
November 7, 2023 at 12:08PM Microsoft has issued a warning to Outlook.com users about possible difficulties when sending emails with attachments. Error code 550 5.7.520 may appear, preventing emails from being sent. Microsoft suggests users upload files to OneDrive and share the link instead. Step-by-step instructions are provided as a workaround until the issue is … Read more