#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

email server | Breaking Cybersecurity News | The Hacker News

Category — email server
Hackers Exploiting Unpatched RCE Flaw in Zimbra Collaboration Suite

Hackers Exploiting Unpatched RCE Flaw in Zimbra Collaboration Suite

Oct 08, 2022
A severe remote code execution vulnerability in Zimbra's enterprise collaboration software and email platform is being actively exploited, with no patch currently available to remediate the issue. The shortcoming, assigned  CVE-2022-41352 , carries a critical-severity rating of CVSS 9.8, providing a pathway for attackers to upload arbitrary files and carry out malicious actions on affected installations. "The vulnerability is due to the method ( cpio ) in which Zimbra's antivirus engine ( Amavis ) scans inbound emails," cybersecurity firm Rapid7  said  in an analysis published this week. The issue is said to have been abused since early September 2022, according to  details  shared on Zimbra forums. While a fix is yet to be released, the software services company is urging users to install the "pax" utility and restart the Zimbra services. "If the  pax package  is not installed, Amavis will fall-back to using cpio, unfortunately the fall-back is ...
New Unpatched Horde Webmail Bug Lets Hackers Take Over Server by Sending Email

New Unpatched Horde Webmail Bug Lets Hackers Take Over Server by Sending Email

Jun 01, 2022
A new unpatched security vulnerability has been disclosed in the open-source Horde Webmail client that could be exploited to achieve remote code execution on the email server simply by sending a specially crafted email to a victim. "Once the email is viewed, the attacker can silently take over the complete mail server without any further user interaction," SonarSource said in a report shared with The Hacker News. "The vulnerability exists in the default configuration and can be exploited with no knowledge of a targeted Horde instance." The issue, which has been assigned the CVE identifier  CVE-2022-30287 , was reported to the vendor on February 2, 2022. The maintainers of the Horde Project did not immediately respond to a request for comment regarding the unresolved vulnerability. At its core, the issue makes it possible for an authenticated user of a Horde instance to run malicious code on the underlying server by taking advantage of a quirk in how the client...
Want to Grow Vulnerability Management into Exposure Management? Start Here!

Want to Grow Vulnerability Management into Exposure Management? Start Here!

Dec 05, 2024Attack Surface / Exposure Management
Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident.  At its core, Vulnerability Management processes remain essential for identifying and addressing weaknesses. But as time marches on and attack avenues evolve, this approach is beginning to show its age. In a recent report, How to Grow Vulnerability Management into Exposure Management (Gartner, How to Grow Vulnerability Management Into Exposure Management, 8 November 2024, Mitchell Schneider Et Al.), we believe Gartner® addresses this point precisely and demonstrates how organizations can – and must – shift from a vulnerability-centric strategy to a broader Exposure Management (EM) framework. We feel it's more than a worthwhile read an...
Hackers Are Targeting Microsoft Exchange Servers With Ransomware

Hackers Are Targeting Microsoft Exchange Servers With Ransomware

Mar 12, 2021
It didn't take long. Intelligence agencies and cybersecurity researchers had been warning that unpatched Exchange Servers could open the pathway for ransomware infections in the wake of swift escalation of the attacks since last week. Now it appears that threat actors have caught up.  According to the latest reports , cybercriminals are leveraging the heavily exploited ProxyLogon Exchange Server flaws to install a new strain of ransomware called "DearCry." "Microsoft observed a new family of human operated ransomware attack customers – detected as Ransom:Win32/DoejoCrypt.A," Microsoft researcher Phillip Misner  tweeted . "Human operated ransomware attacks are utilizing the Microsoft Exchange vulnerabilities to exploit customers." Microsoft's security intelligence team, in a separate tweet,  confirmed  that it has begun "blocking a new family of ransomware being used after an initial compromise of unpatched on-premises Exchange Servers....
cyber security

Innovate Securely: Top Strategies to Harmonize AppSec and R&D Teams

websiteBackslashApplication Security
Tackle common challenges to make security and innovation work seamlessly.
New OpenSMTPD RCE Flaw Affects Linux and OpenBSD Email Servers

New OpenSMTPD RCE Flaw Affects Linux and OpenBSD Email Servers

Feb 25, 2020
OpenSMTPD has been found vulnerable to yet another critical vulnerability that could allow remote attackers to take complete control over email servers running BSD or Linux operating systems. OpenSMTPD , also known as OpenBSD SMTP Server, is an open-source implementation of the Simple Mail Transfer Protocol (SMTP) to deliver messages on a local machine or to relay them to other SMTP servers. It was initially developed as part of the OpenBSD project but now comes pre-installed on many UNIX-based systems. Discovered by experts at Qualys Research Labs, who also reported a similar RCE flaw in the email server application last month, the latest out-of-bounds read issue, tracked as  CVE-2020-8794 , resides in a component of the OpenSMTPD's client-side code that was introduced nearly 5 years ago. Just like the previous issue, which attackers started exploiting in the wild just a day after its public disclosure, the new OpenSMTPD flaw could also let remote hackers execute arbit...
Critical OpenSMTPD Bug Opens Linux and OpenBSD Mail Servers to Hackers

Critical OpenSMTPD Bug Opens Linux and OpenBSD Mail Servers to Hackers

Jan 30, 2020
Cybersecurity researchers have discovered a new critical vulnerability ( CVE-2020-7247 ) in the OpenSMTPD email server that could allow remote attackers to take complete control over BSD and many Linux based servers. OpenSMTPD is an open-source implementation of the server-side SMTP protocol that was initially developed as part of the OpenBSD project but now comes pre-installed on many UNIX-based systems. According to Qualys Research Labs, who discovered this vulnerability, the issue resides in the OpenSMTPD's sender address validation function, called smtp_mailaddr(), which can be exploited to execute arbitrary shell commands with elevated root privileges on a vulnerable server just by sending specially crafted SMTP messages to it. The flaw affects OpenBSD version 6.6 and works against the default configuration for both, the locally enabled interface as well as remotely if the daemon has been enabled to listen on all interfaces and accepts external mail. "Exploit...
Exim TLS Flaw Opens Email Servers to Remote 'Root' Code Execution Attacks

Exim TLS Flaw Opens Email Servers to Remote 'Root' Code Execution Attacks

Sep 06, 2019
A critical remote code execution vulnerability has been discovered in the popular open-source Exim email server software, leaving at least over half a million email servers vulnerable to remote hackers. Exim maintainers today released Exim version 4.92.2 after publishing an early warning two days ago, giving system administrators a heads-up on its upcoming security patches that affect all versions of the email server software up to and including then-latest 4.92.1. Exim is a widely used, open source mail transfer agent (MTA) software developed for Unix-like operating systems such as Linux, Mac OSX or Solaris, which runs almost 60% of the internet's email servers today for routing, delivering and receiving email messages. Tracked as CVE-2019-15846 , the security vulnerability only affects Exim servers that accept TLS connections, potentially allowing attackers to gain root-level access to the system "by sending an SNI ending in a backslash-null sequence during the ini...
Hackers Destroyed VFEmail Service – Deleted Its Entire Data and Backups

Hackers Destroyed VFEmail Service – Deleted Its Entire Data and Backups

Feb 13, 2019
What could be more frightening than a service informing you that all your data is gone—every file and every backup servers are entirely wiped out? The worst nightmare of its kind. Right? But that's precisely what just happened this week with VFEmail.net, a US-based secure email provider that lost all data and backup files for its users after unknown hackers destroyed its entire U.S. infrastructure, wiping out almost two decades' worth of data and backups in a matter of few hours for no apparent reason. Started in 2001 by Rick Romero, VFEmail provides secure, private email services to companies and end users, both free and paid-for. Describing the attack as "catastrophic," the privacy-focused email service provider revealed that the attack took place on February 11 and that "all data" on their US servers—both the primary and the backup systems—has been completely wiped out, and it's seemingly beyond recovery. "Yes, @VFEmail is effectivel...
Donald Trump's Email Servers are Horribly Insecure — Researcher Reveals

Donald Trump's Email Servers are Horribly Insecure — Researcher Reveals

Oct 18, 2016
When Hillary Clinton's private email server was hacked earlier this year, she was criticized for her bad security practices that exposed top secret documents stored in emails on that private server. The FBI called her behavior 'extremely careless.' Republican presidential candidate Donald Trump and his supporters are continuously criticizing Clinton's use of a private email server. And here's what Trump lectured in a debate about cybersecurity: "The security aspect of cyber is very, very tough. And maybe it's hardly doable. But I will say, we are not doing the job we should be doing. But that's true throughout our whole governmental society. We have so many things that we have to do better, Lester, and certainly, cyber is one of them." Forget Clinton; Trump has so worryingly insecure internet setup that anyone with little knowledge of computers can expose almost everything about Trump and his campaign. Security researcher Kevin Beaumont,...
Expert Insights / Articles Videos
Cybersecurity Resources