WordPress Bitcoin Payments – Blockonomics Security Vulnerabilities

Security Bulletin: Multiple OpenSSL vulnerabilities affect IBM Safer Payments

Summary OpenSSL is used by IBM Safer Payments as part of all secure network communications. These are addressed. Vulnerability Details ** CVEID: CVE-2023-0466 DESCRIPTION: **OpenSSL could allow a remote attacker to bypass security restrictions, caused by a flaw in the...

Wordfence Intelligence Weekly WordPress Vulnerability Report (July 17, 2023 to July 23, 2023)

Last week, there were 62 vulnerabilities disclosed in 1035 WordPress Plugins and 90 WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 36 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities....

bitcoin-gr.org Cross Site Scripting vulnerability OBB-3552685

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

New AI Tool 'FraudGPT' Emerges, Tailored for Sophisticated Attacks

Following the footsteps of WormGPT, threat actors are advertising yet another cybercrime generative artificial intelligence (AI) tool dubbed FraudGPT on various dark web marketplaces and Telegram channels. "This is an AI bot, exclusively targeted for offensive purposes, such as crafting spear...

Wallet-Transaction-Monitor - This Script Monitors A Bitcoin Wallet Address And Notifies The User When There Are Changes In The Balance Or New Transactions

This script monitors a Bitcoin wallet address and notifies the user when there are changes in the balance or new transactions. It provides real-time updates on incoming and outgoing transactions, along with the corresponding amounts and timestamps. Additionally, it can play a sound notification on....

Attacks, Vulnerabilities and Actors 17 July to 23 July 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, the fact that there were a total of eleven attacks executed, nine vulnerabilities, and three different adversaries...

Improper Access Control

odoo is vulnerable to Improper Access Control. The vulnerability allows an attacker to validate online payments with a tokenized payment method that belongs to another user, causing the victim's payment method to be charged...

Kanti Ransomware Strikes Cryptocurrency Users

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Kanti is a novel strain of ransomware that has been specifically designed to target cryptocurrency users. This sophisticated ransomware is cunningly crafted to infiltrate systems and encrypt files,...

The Metaverse is connected to cryptocurrencies – but not so much to Bitcoin

By Owais Sultan The Metaverse refers to a virtual space or a collective virtual shared space, created by the convergence of… This is a post from HackRead.com Read the original post: The Metaverse is connected to cryptocurrencies – but not so much to...

Exploit for Improper Authentication in Automattic Woocommerce Payments

CVE-2023-28121 Python 2.7 Buy Coffee : Bitcoin $:...

Q2-2023 API ThreatStats™ Report: API Exploits Are Everywhere: from NVIDIA to Reddit and more!

Our Q2-2023 API ThreatStats™ report is out. It provides API builders, defenders, breakers, and decision-makers with a comprehensive look at the API security vulnerabilities, threats and exploits reported this past quarter. This report provides everyone involved in API development, security and...

Hackers Target WooCommerce Payments Plugin to Hijack Websites

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Cybercriminals are orchestrating a widespread campaign to exploit a pivotal WooCommerce Payments plugin, thereby acquiring the privileges of various users, including those with administrator...

Zero-Day Attacks Exploited Critical Vulnerability in Citrix ADC and Gateway

Citrix is alerting users of a critical security flaw in NetScaler Application Delivery Controller (ADC) and Gateway that it said is being actively exploited in the wild. Tracked as CVE-2023-3519 (CVSS score: 9.8), the issue relates to a case of code injection that could result in unauthenticated...

CVE-2023-30153

An SQL injection vulnerability in the Payplug (payplug) module for PrestaShop, in versions 3.6.0, 3.6.1, 3.6.2, 3.6.3, 3.7.0 and 3.7.1, allows remote attackers to execute arbitrary SQL commands via the ajax.php front...

CVE-2023-30153

An SQL injection vulnerability in the Payplug (payplug) module for PrestaShop, in versions 3.6.0, 3.6.1, 3.6.2, 3.6.3, 3.7.0 and 3.7.1, allows remote attackers to execute arbitrary SQL commands via the ajax.php front...

Sql injection

An SQL injection vulnerability in the Payplug (payplug) module for PrestaShop, in versions 3.6.0, 3.6.1, 3.6.2, 3.6.3, 3.7.0 and 3.7.1, allows remote attackers to execute arbitrary SQL commands via the ajax.php front...

Part 2: An In-Depth Look at the Latest Vulnerability Threat Landscape (Attackers’ Edition)

The previous blog from this three-part series showcased an overview of the vulnerability threat landscape. To summarize quickly, it illustrated the popular methods of exploiting vulnerabilities and the tactical techniques employed by threat actors, malware, and ransomware groups. Perhaps more...

Go Beyond the Headlines for Deeper Dives into the Cybercriminal Underground

Discover stories about threat actors' latest tactics, techniques, and procedures from Cybersixgill's threat experts each month. Each story brings you details on emerging underground threats, the threat actors involved, and how you can take action to mitigate risks. Learn about the top...

Owner of BreachForums Pleads Guilty to Cybercrime and Child Pornography Charges

Conor Brian Fitzpatrick, the owner of the now-defunct BreachForums website, has pleaded guilty to charges related to his operation of the cybercrime forum as well as having child pornography images. The development, first reported by DataBreaches.net last week, comes nearly four months after...

Cybercriminals Exploiting WooCommerce Payments Plugin Flaw to Hijack Websites

Threat actors are actively exploiting a recently disclosed critical security flaw in the WooCommerce Payments WordPress plugin as part of a massive targeted campaign. The flaw, tracked as CVE-2023-28121 (CVSS score: 9.8), is a case of authentication bypass that enables unauthenticated attackers to....

CVE-2023-30153

An SQL injection vulnerability in the Payplug (payplug) module for PrestaShop, in versions 3.6.0, 3.6.1, 3.6.2, 3.6.3, 3.7.0 and 3.7.1, allows remote attackers to execute arbitrary SQL commands via the ajax.php front...

Oracle Critical Patch Update Advisory - July 2023

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches address vulnerabilities in Oracle code and in third party components included in Oracle products. These patches are usually cumulative, but each advisory describes only the security patches...

Massive Targeted Exploit Campaign Against WooCommerce Payments Underway

The Wordfence Threat Intelligence team has been monitoring an ongoing exploit campaign targeting a recently disclosed vulnerability in WooCommerce Payments, a plugin installed on over 600,000 sites. Large-scale attacks against the vulnerability, assigned CVE-2023-28121, began on Thursday, July 14,....

Metasploit Weekly Wrap-Up

Authentication bypass in Wordpress Plugin WooCommerce Payments This week's Metasploit release includes a module for CVE-2023-28121 by h00die. This module can be used against any wordpress instance that uses WooCommerce payments < 5.6.1. This module exploits an auth by-pass vulnerability in the.....

Ransomware making big money through "big game hunting"

Ransomware generates big money for the groups behind it, with new research confirming (some) of the scale of the problem. Chainalysis, a blockchain research firm, looked at data from monitored cryptocurrency wallets, concluding that around $449 million has been taken from victims in the last six...

QR codes are relevant again for everyone from diners to threat actors

Welcome to this week's edition of the Threat Source newsletter. Although we can probably largely consider the COVID-19 pandemic "over," many relics from the peak of lockdown and concerns over the virus are still around in mid-2023. It's still impossible to get a doctor's appointment quickly, but...

Malicious campaigns target government, military and civilian entities in Ukraine, Poland

Cisco Talos has discovered a threat actor conducting several campaigns against government entities, military organizations and civilian users in Ukraine and Poland. We judge that these operations are very likely aimed at stealing information and gaining persistent remote access. The activity we...

Exploit for Improper Authentication in Automattic Woocommerce Payments

CVE-2023-28121 WooCommerce Payments < 5.6.2 - Unauthenticated...

Exploit for Improper Authentication in Automattic Woocommerce Payments

CVE-2023-28121 WooCommerce Payments < 5.6.2 - Unauthenticated...

Imperva Offers New Features to Simplify PCI DSS Compliance

The Silent Threat of Client-Side Attacks As more transactions move online, a silent threat is lurking in the deepest, darkest shadows of websites, threatening to steal your sensitive data. This rapidly evolving threat, known as client-side attacks such as Magecart, formjacking, and online...

CVE-2023-37192

Memory management and protection issues in Bitcoin Core v22 allows attackers to modify the stored sending address within the app's memory, potentially allowing them to redirect Bitcoin transactions to wallets of their own...

CVE-2023-37192

Memory management and protection issues in Bitcoin Core v22 allows attackers to modify the stored sending address within the app's memory, potentially allowing them to redirect Bitcoin transactions to wallets of their own...

CVE-2023-37192

Memory management and protection issues in Bitcoin Core v22 allows attackers to modify the stored sending address within the app's memory, potentially allowing them to redirect Bitcoin transactions to wallets of their own...

CVE-2023-37192

Memory management and protection issues in Bitcoin Core v22 allows attackers to modify the stored sending address within the app's memory, potentially allowing them to redirect Bitcoin transactions to wallets of their own...

Code injection

Memory management and protection issues in Bitcoin Core v22 allows attackers to modify the stored sending address within the app's memory, potentially allowing them to redirect Bitcoin transactions to wallets of their own...

CVE-2023-37192

Memory management and protection issues in Bitcoin Core v22 allows attackers to modify the stored sending address within the app's memory, potentially allowing them to redirect Bitcoin transactions to wallets of their own...

Email crypto phishing scams: stealing from hot and cold crypto wallets

The higher the global popularity of cryptocurrencies and the more new ways of storing them, the wider the arsenal of tools used by malicious actors who are after digital money. Scammers tailor the complexity of technology they use and the thoroughness of their efforts to imitate legitimate...

Wordpress Plugin WooCommerce Payments Unauthenticated Admin Creation

WooCommerce-Payments plugin for Wordpress versions 4.8', '4.8.2, 4.9', '4.9.1, 5.0', '5.0.4, 5.1', '5.1.3, 5.2', '5.2.2, 5.3', '5.3.1, 5.4', '5.4.1, 5.5', '5.5.2, and 5.6', '5.6.2 contain an authentication bypass by specifying a valid user ID number within the X-WCPAY-PLATFORM-CHECKOUT-USER...

Elderly targeted in car accident scam, kingpin arrested

The head of a criminal network responsible for defrauding hundreds of elderly people has been arrested, Europol has announced. After a joint operation in Germany, Poland, and the UK, Europol says the suspect was arrested in London from where he ran a network of fraudsters targeting mainly German...

WooCommerce Payments - Unauthorized Admin Access

An issue in WooCommerce Payments plugin for WordPress (versions 5.6.1 and lower) allows an unauthenticated attacker to send requests on behalf of an elevated user, like administrator. This allows a remote, unauthenticated attacker to gain admin access on a site that has the affected version of the....

Exploit for Command Injection in Chamilo

CHAMILO-CVE-2023-34960 Python 2.7 Buy Coffee : Bitcoin...

Exploit for Improper Authentication in Wpdeveloper Essential Addons For Elementor

WP-CVE-2023-32243 Python 2.7 Buy Coffee : Bitcoin $:...

"Free" Evil Dead Rise movie scam lurks in Amazon listings

Scammers are using a novel technique with Amazon listings to trick fans of Evil Dead into downloads they may not want, and expensive rolling payments they have no interest in. Evil Dead Rise, the breakout horror film of 2023, started with big cinema numbers and has moved on to a victory lap in...

Wordfence Intelligence Weekly WordPress Vulnerability Report (June 19, 2023 to June 25, 2023)

Last week, there were 84 vulnerabilities disclosed in 76 WordPress Plugins and 2 WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 42 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in....

U.K. Cyber Thug “PlugwalkJoe” Gets 5 Years in Prison

Joseph James "PlugwalkJoe" O'Connor, a 24-year-old from the United Kingdom who earned his 15 minutes of fame by participating in the July 2020 hack of Twitter, has been sentenced to five years in a U.S. prison. That may seem like harsh punishment for a brief and very public cyber joy ride. But...

SupremeBot and Mario cross the finish line together

Researchers have reported how popular game installers like Super Mario Games are being used to deliver malware. The malicious components include cryptominers, the SupremeBot mining client, and the open-source Umbral stealer. The game installers route offers some very distinct advantages to the...

Fedora 37 : chromium (2023-1b99669138)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-1b99669138 advisory. Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption...

Japanese Cryptocurrency Exchange Falls Victim to JokerSpy macOS Backdoor Attack

An unknown cryptocurrency exchange located in Japan was the target of a new attack earlier this month to deploy an Apple macOS backdoor called JokerSpy. Elastic Security Labs, which is monitoring the intrusion set under the name REF9134, said the attack led to the installation of Swiftbelt, a...

Twitter Hacker Sentenced to 5 Years in Prison for $120,000 Crypto Scam

A U.K. citizen who took part in the massive July 2020 hack of Twitter has been sentenced to five years in prison in the U.S. Joseph James O'Connor (aka PlugwalkJoe), 24, was awarded the sentence on Friday in the Southern District of New York, a little over a month after he pleaded guilty to the...

Use After Free

Google Chrome is vulnerable to Use After Free. The vulnerability exists in the autofill payments of the library, which allows an attacker to cause heap corruptions via a maliciously crafted HTML...