Uploaded image for project: 'XWiki Infrastructure'
  1. XWiki Infrastructure
  2. XINFRA-425

Vade Notification - Potential Security Issue Detected - mail[.]xwiki[.]org

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • Critical
    • None
    • Unknown

    Description

      Hello,
       
       
      We are writing to inform you of a security incident that was recently identified relating to the following domain : mail[.]xwiki[.]org
       
       
      Malicious urls were identified by a Vade's security component.
       
      Currently, malicious threat actors are leveraging this domain for attacking third-party stakeholders.
       
       
      It seems that attackers have overtaken an expirated CNAME of mail[.]xwiki[.]org 
       
      Based on our findings, we are notifying you of a security incident in order for you to remediate this issue.
       
       
      Example of malicious URLs  :
       

      • [http://mail[.]xwiki[.]org] /nvIN.dx?putdkywtnzvrti=vxylvwizeknserMjh0Z2J3eDAwaWZiajAwMjM2MTB3MDRnMGMwNTE5NTE5Mjk5OQ==
      • [http://mail[.]xwiki[.]org/nvIN.dx?ifvsgqwztuphtk=jumxmljdskwtwfMzh0Z2J3eDAwaWZiajAwMjM2MTB3MDRnMGMwNTE5NTE5Mjk5OQ==]

       
       
      Kind regards,

       

      PS : Sorry if we created this issue in the wrong project.
       

      Attachments

        Activity

          People

            ciaens Clément Christiaens
            Simon Simon
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: