Cybersecurity hotlines at colleges could go a long way toward filling the skills gap
Welcome to this week's edition of the Threat Source newsletter. I recently stumbled upon news that the University of Texas at Austin is launching a new cybersecurity clinic run by faculty and students studying security and IT at the university. This clinic offers pro-bono cybersecurity services --....
9.8CVSS
9.2AI Score
0.957EPSS
Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce PayPal Payments plugin <= 2.0.4...
8.8CVSS
5.8AI Score
0.001EPSS
Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce PayPal Payments plugin <= 2.0.4...
8.8CVSS
8.8AI Score
0.001EPSS
Cross site request forgery (csrf)
Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce PayPal Payments plugin <= 2.0.4...
8.8CVSS
8.7AI Score
0.001EPSS
Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce PayPal Payments plugin <= 2.0.4...
4.3CVSS
9AI Score
0.001EPSS
WooCommerce Payments < 4.5.1 - Intent Parameter Tampering
The plugin allows a customer to complete an order on a merchant’s site without paying for...
6.8AI Score
Microsoft Edge (Chromium) < 114.0.1823.51 Multiple Vulnerabilities
The version of Microsoft Edge installed on the remote Windows host is prior to 114.0.1823.51. It is, therefore, affected by multiple vulnerabilities as referenced in the June 15, 2023 advisory. Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker...
8.8CVSS
9.4AI Score
0.005EPSS
WooCommerce PayPal Payments < 2.0.5 - Merchant ID Details Update via CSRF
The plugin does not have CSRF checks when updating the merchant ID details, which could allow attackers to make logged-in users update them via a CSRF...
8.8CVSS
8.7AI Score
0.001EPSS
A week in security (June 12 - 18)
Last week on Malwarebytes Labs: MOVEit discloses THIRD critical vulnerability; Fake security researchers push malware files on GitHub; LockBit ransomware advisory from CISA provides interesting insights; Microsoft fixes six critical vulnerabilities in June Patch Tuesday; Update Chrome now! Google...
7.1AI Score
Fedora 38 : chromium (2023-5f35718d4c)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-5f35718d4c advisory. Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption...
8.8CVSS
9.4AI Score
0.005EPSS
openSUSE 15 Security Update : chromium (openSUSE-SU-2023:0132-1)
The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2023:0132-1 advisory. Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap...
8.8CVSS
9.4AI Score
0.005EPSS
Active exploitation of the MOVEit Transfer vulnerability — CVE-2023-34362 — by Clop ransomware group
Cisco Talos is monitoring recent reports of exploitation attempts against CVE-2023-34362, a SQL injection zero-day vulnerability in the MOVEit Transfer managed file transfer (MFT) solution that has been actively targeted since late May 2023. Successful exploitation could lead to remote code...
9.8CVSS
10.9AI Score
0.957EPSS
Activities in the Cybercrime Underground Require a New Approach to Cybersecurity
As Threat Actors Continuously Adapt their TTPs in Today's Threat Landscape, So Must You. Earlier this year, threat researchers at Cybersixgill released the annual report, The State of the Cybercrime Underground. The research stems from an analysis of Cybersixgill's collected intelligence items...
7AI Score
Debian DSA-5428-1 : chromium - security update
The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5428 advisory. Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a...
8.8CVSS
9.4AI Score
0.005EPSS
Ransomware Hackers and Scammers Utilizing Cloud Mining to Launder Cryptocurrency
Ransomware actors and cryptocurrency scammers have joined nation-state actors in abusing cloud mining services to launder digital assets, new findings reveal. "Cryptocurrency mining is a crucial part of our industry, but it also holds special appeal to bad actors, as it provides a means to acquire....
6.8AI Score
LockBit Ransomware Evolving Tactics and Pervasive Impact in 2023
Threat Level Attack Report. Summary: LockBit ransomware is a highly impactful Ransomware-as-a-Service (RaaS) variant that targets critical sectors globally. Since 2020, victims in the US alone have paid around $91 million in ransom payments.....
6.9AI Score
Chromium: CVE-2023-3214 Use after free in Autofill payments
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more...
8.8CVSS
6.9AI Score
0.004EPSS
LockBit Ransomware Extorts $91 Million from U.S. Companies
The threat actors behind the LockBit ransomware-as-a-service (RaaS) scheme have extorted $91 million following hundreds of attacks against numerous U.S. organizations since 2020. That's according to a joint bulletin published by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the....
7.6AI Score
KLA50362 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code or cause denial of service. Below is a complete list of vulnerabilities: Use after free vulnerability in WebRTC can be exploited to cause denial of service or...
8.8CVSS
9.7AI Score
0.005EPSS
Security Bulletin: IBM App Connect for Healthcare is affected by multiple Apache vulnerabilities
Summary: IBM App Connect for Healthcare has multiple vulnerabilities. (CVE-2014-0107, CVE-2022-34169, CVE-2013-0248, CVE-2016-3092, CVE-2016-1000031, CVE-2014-0050, CVE-2013-2186, CVE-2012-5783, CVE-2021-29425, CVE-2023-24998, IBM X-FORCE ID 220723). The fix provided resolves these issues....
7.5CVSS
8.6AI Score
0.164EPSS
Summary: A vulnerability in Apache Commons FileUpload and Tomcat that could cause a Denial of Service (DoS) attack was addressed. Vulnerability Details: CVEID: CVE-2023-24998. DESCRIPTION: Apache Commons FileUpload and Tomcat are vulnerable to a denial of service, caused by not limiting the number...
7.5CVSS
6.7AI Score
0.034EPSS
Understanding Ransomware Threat Actors: LockBit
SUMMARY: In 2022, LockBit was the most deployed ransomware variant across the world and continues to be prolific in 2023. Since January 2020, affiliates using LockBit have attacked organizations of varying sizes across an array of critical infrastructure sectors, including financial services, food.....
10CVSS
9.4AI Score
0.976EPSS
Update Chrome now! Google fixes critical vulnerability in Autofill payments
Google has released a Chrome update which includes five security fixes. One of these security fixes is for a critical vulnerability in Autofill payments. Google labels vulnerabilities as critical if they allow an attacker to run arbitrary code on the underlying platform with the user's privileges.....
8.8CVSS
7.4AI Score
0.004EPSS
Upgraded Q -> 2 from #327 [1686724891862]
Judge has assessed an item in Issue #327 as 2 risk. The relevant finding follows: L-04: addBid does not increment the endBlock of the auction when it is close to the end, preventing the protocol from capturing extra value. When an Auction is created, it sets a lotItem.endBlock. This value remains...
6.7AI Score
Google Chrome Security Updates (stable-channel-update-for-desktop_13-2023-06) - Linux
Google Chrome is prone to multiple ...
8.8CVSS
8.6AI Score
0.005EPSS
Google Chrome Security Updates (stable-channel-update-for-desktop_13-2023-06) - Windows
Google Chrome is prone to multiple...
8.8CVSS
8.7AI Score
0.005EPSS
Google Chrome Security Updates (stable-channel-update-for-desktop_13-2023-06) - Mac OS X
Google Chrome is prone to multiple ...
8.8CVSS
8.6AI Score
0.005EPSS
Exploit for Improper Access Control in Papercut Papercut Mf
CVE-2023-27350 Python 2.7
9.8CVSS
9.9AI Score
0.971EPSS
2 Russians charged in Mt. Gox Bitcoin heist and BTC-e money laundering
By Habiba Rashid. Accused individuals allegedly conspired to launder around 647,000 stolen Bitcoins from Mt. Gox, leading to its collapse. This is a post from HackRead.com.
6.9AI Score
Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity:...
8.8CVSS
8.8AI Score
0.004EPSS
Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity:...
8.8CVSS
9AI Score
0.004EPSS
Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity:...
8.8CVSS
6.2AI Score
0.004EPSS
Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity:...
8.8CVSS
6.7AI Score
0.004EPSS
Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity:...
8.8CVSS
8.8AI Score
0.004EPSS
Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity:...
9.1AI Score
0.004EPSS
Two Russian Nationals Charged for Masterminding Mt. Gox Crypto Exchange Hack
The U.S. Department of Justice (DoJ) has charged two Russian nationals in connection with masterminding the 2014 digital heist of the now-defunct cryptocurrency exchange Mt. Gox. According to unsealed indictments released last week, Alexey Bilyuchenko, 43, and Aleksandr Verner, 29, have been...
6.8AI Score
KLA50323 Multiple vulnerabilities in Google Chrome
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code or cause denial of service. Below is a complete list of vulnerabilities: Use after free vulnerability in WebRTC can be exploited to cause denial of service or execute...
8.8CVSS
9.7AI Score
0.005EPSS
Skuld: The Infostealer that Speaks Golang
By Ernesto Fernández Provecho · June 13, 2023. In May 2023, the Trellix Advanced Research Center discovered a new Golang stealer, known as Skuld, that compromised systems worldwide, something that security researchers had also noticed. The usage of Golang,.....
7AI Score
FreeBSD : chromium -- multiple vulnerabilities (1567be8c-0a15-11ee-8290-a8a1599412c6)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 1567be8c-0a15-11ee-8290-a8a1599412c6 advisory. Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote...
8.8CVSS
9.4AI Score
0.005EPSS
Google Chrome < 114.0.5735.133 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 114.0.5735.133. It is, therefore, affected by multiple vulnerabilities as referenced in the 2023_06_stable-channel-update-for-desktop_13 advisory. Use after free in Autofill payments. (CVE-2023-3214) Use after free in...
8.8CVSS
9.3AI Score
0.005EPSS
Google Chrome < 114.0.5735.133 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 114.0.5735.133. It is, therefore, affected by multiple vulnerabilities as referenced in the 2023_06_stable-channel-update-for-desktop_13 advisory. Use after free in Autofill payments. (CVE-2023-3214) Use after free...
8.8CVSS
9.3AI Score
0.005EPSS
Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) Notes (author alexmurray): The Debian chromium source package is called...
8.8CVSS
6.7AI Score
0.004EPSS
Skuld: The Infostealer that Speaks Golang
By Ernesto Fernández Provecho · June 13, 2023. In May 2023, the Trellix Advanced Research Center discovered a new Golang stealer, known as Skuld, that compromised systems worldwide, something that security researchers had also noticed. The usage of Golang,.....
7.4AI Score
Stable Channel Update for Desktop
The Stable and extended stable channels have been updated to 114.0.5735.133 for Mac and Linux and 114.0.5735.133/134 for Windows, which will roll out over the coming days/weeks. A full list of changes in this build is available in the log. Security Fixes and Rewards. Note: Access to bug details...
8.8CVSS
6.6AI Score
0.005EPSS
chromium -- multiple vulnerabilities
Chrome Releases reports: This update includes 5 security fixes: [1450568] Critical CVE-2023-3214: Use after free in Autofill payments. Reported by Rong Jian of VRI on 2023-06-01; [1446274] High CVE-2023-3215: Use after free in WebRTC. Reported by asnine on 2023-05-17; [1450114] High CVE-2023-3216:...
8.8CVSS
7.4AI Score
0.005EPSS
Sneaky DoubleFinger loads GreetingGhoul targeting your cryptocurrency
Introduction: Stealing cryptocurrencies is nothing new. For example, the Mt. Gox exchange was robbed of many bitcoins back in the beginning of the 2010s. Attackers such as those behind the Coinvault ransomware were after your Bitcoin wallets, too. Since then, stealing cryptocurrencies has continued to.....
7.2AI Score
Beware: 1,000+ Fake Cryptocurrency Sites Trap Users in Bogus Rewards Scheme
A previously undetected cryptocurrency scam has leveraged a constellation of over 1,000 fraudulent websites to ensnare users into a bogus rewards scheme since at least January 2021. "This massive campaign has likely resulted in thousands of people being scammed worldwide," Trend Micro researchers.....
7.2AI Score
Threat Roundup for June 2 to June 9
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 2 and June 9. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...
6.4AI Score
Summary: A vulnerability in Dojo that could allow arbitrary code execution was addressed. [CVE-2021-23450] Vulnerability Details: CVEID: CVE-2021-23450. DESCRIPTION: Dojo could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution in the setObject...
9.8CVSS
8.1AI Score
0.01EPSS
Lines of code: https://github.com/code-423n4/2023-06-stader/blob/7566b5a35f32ebd55d3578b8bd05c038feb7d9cc/contracts/Auction.sol#L38 https://github.com/code-423n4/2023-06-stader/blob/7566b5a35f32ebd55d3578b8bd05c038feb7d9cc/contracts/Auction.sol#L48-L50...
6.8AI Score