WordPress Bitcoin Payments – Blockonomics Security Vulnerabilities

talosblog

Cybersecurity hotlines at colleges could go a long way toward filling the skills gap

Welcome to this week's edition of the Threat Source newsletter. I recently stumbled upon news that the University of Texas at Austin is launching a new cybersecurity clinic run by faculty and students studying security and IT at the university. This clinic offers pro-bono cybersecurity services --....

9.8CVSS

9.2AI Score

0.957EPSS

2023-06-22 06:00 PM
15
nvd

CVE-2023-35917

Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce PayPal Payments plugin <= 2.0.4...

8.8CVSS

5.8AI Score

0.001EPSS

2023-06-22 12:15 PM
cve

CVE-2023-35917

Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce PayPal Payments plugin <= 2.0.4...

8.8CVSS

8.8AI Score

0.001EPSS

2023-06-22 12:15 PM
13
prion

Cross site request forgery (csrf)

Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce PayPal Payments plugin <= 2.0.4...

8.8CVSS

8.7AI Score

0.001EPSS

2023-06-22 12:15 PM
7
cvelist

CVE-2023-35917 WordPress WooCommerce PayPal Payments Plugin <= 2.0.4 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce PayPal Payments plugin <= 2.0.4...

4.3CVSS

9AI Score

0.001EPSS

2023-06-22 11:47 AM
wpvulndb

WooCommerce Payments < 4.5.1 - Intent Parameter Tampering

The plugin allows a customer to complete an order on a merchant’s site without paying for...

6.8AI Score

2023-06-22 12:00 AM
14
nessus

Microsoft Edge (Chromium) < 114.0.1823.51 Multiple Vulnerabilities

The version of Microsoft Edge installed on the remote Windows host is prior to 114.0.1823.51. It is, therefore, affected by multiple vulnerabilities as referenced in the June 15, 2023 advisory. Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker...

8.8CVSS

9.4AI Score

0.005EPSS

2023-06-22 12:00 AM
51
wpvulndb

WooCommerce PayPal Payments < 2.0.5 - Merchant ID Details Update via CSRF

The plugin does not have CSRF checks when updating the merchant ID details, which could allow attackers to make logged in users update them via a CSRF...

8.8CVSS

8.7AI Score

0.001EPSS

2023-06-20 12:00 AM
9
malwarebytes

A week in security (June 12 - 18)

Last week on Malwarebytes Labs: MOVEit discloses THIRD critical vulnerability Fake security researchers push malware files on GitHub LockBit ransomware advisory from CISA provides interesting insights Microsoft fixes six critical vulnerabilities in June Patch Tuesday Update Chrome now! Google...

7.1AI Score

2023-06-19 01:00 AM
8
nessus

Fedora 38 : chromium (2023-5f35718d4c)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-5f35718d4c advisory. Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption...

8.8CVSS

9.4AI Score

0.005EPSS

2023-06-19 12:00 AM
5
nessus

openSUSE 15 Security Update : chromium (openSUSE-SU-2023:0132-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2023:0132-1 advisory. Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap...

8.8CVSS

9.4AI Score

0.005EPSS

2023-06-17 12:00 AM
5
talosblog

Active exploitation of the MOVEit Transfer vulnerability — CVE-2023-34362 — by Clop ransomware group

Cisco Talos is monitoring recent reports of exploitation attempts against CVE-2023-34362, a SQL injection zero-day vulnerability in the MOVEit Transfer managed file transfer (MFT) solution that has been actively targeted since late May 2023. Successful exploitation could lead to remote code...

9.8CVSS

10.9AI Score

0.957EPSS

2023-06-16 06:17 PM
15
thn

Activities in the Cybercrime Underground Require a New Approach to Cybersecurity

As Threat Actors Continuously Adapt their TTPs in Today's Threat Landscape, So Must You Earlier this year, threat researchers at Cybersixgill released the annual report, The State of the Cybercrime Underground. The research stems from an analysis of Cybersixgill's collected intelligence items...

7AI Score

2023-06-16 11:12 AM
36
nessus

Debian DSA-5428-1 : chromium - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5428 advisory. Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a...

8.8CVSS

9.4AI Score

0.005EPSS

2023-06-16 12:00 AM
9
thn

Ransomware Hackers and Scammers Utilizing Cloud Mining to Launder Cryptocurrency

Ransomware actors and cryptocurrency scammers have joined nation-state actors in abusing cloud mining services to launder digital assets, new findings reveal. "Cryptocurrency mining is a crucial part of our industry, but it also holds special appeal to bad actors, as it provides a means to acquire....

6.8AI Score

2023-06-15 04:20 PM
33
hivepro

LockBit Ransomware Evolving Tactics and Pervasive Impact in 2023

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary LockBit ransomware is a highly impactful Ransomware-as-a-Service (RaaS) variant that targets critical sectors globally. Since 2020, victims in the US alone have paid around $91 million in ransom payments.....

6.9AI Score

2023-06-15 01:28 PM
3
mscve

Chromium: CVE-2023-3214 Use after free in Autofill payments

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more...

8.8CVSS

6.9AI Score

0.004EPSS

2023-06-15 07:00 AM
14
thn

LockBit Ransomware Extorts $91 Million from U.S. Companies

The threat actors behind the LockBit ransomware-as-a-service (RaaS) scheme have extorted $91 million following hundreds of attacks against numerous U.S. organizations since 2020. That's according to a joint bulletin published by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the....

7.6AI Score

2023-06-15 05:09 AM
32
kaspersky

KLA50362 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code or cause denial of service. Below is a complete list of vulnerabilities: Use after free vulnerability in WebRTC can be exploited to cause denial of service or...

8.8CVSS

9.7AI Score

0.005EPSS

2023-06-15 12:00 AM
9
ibm

Security Bulletin: IBM App Connect for Healthcare is affected by multiple Apache vulnerabilities

Summary IBM App Connect for Healthcare has multiple vulnerabilities. (CVE-2014-0107, CVE-2022-34169, CVE-2013-0248, CVE-2016-3092, CVE-2016-1000031, CVE-2014-0050, CVE-2013-2186, CVE-2012-5783, CVE-2021-29425, CVE-2023-24998, IBM X-FORCE ID 220723). The fix provided resolves these issues....

7.5CVSS

8.6AI Score

0.164EPSS

2023-06-14 01:29 PM
21
ibm

Security Bulletin: Apache Commons FileUpload vulnerability affects IBM Financial Transaction Manager (CVE-2023-24998)

Summary A vulnerability in Apache Commons FileUpload and Tomcat that could cause a Denial of Service (DoS) attack was addressed. Vulnerability Details ** CVEID: CVE-2023-24998 DESCRIPTION: **Apache Commons FileUpload and Tomcat are vulnerable to a denial of service, caused by not limiting the number...

7.5CVSS

6.7AI Score

0.034EPSS

2023-06-14 01:27 PM
6
ics

Understanding Ransomware Threat Actors: LockBit

SUMMARY In 2022, LockBit was the most deployed ransomware variant across the world and continues to be prolific in 2023. Since January 2020, affiliates using LockBit have attacked organizations of varying sizes across an array of critical infrastructure sectors, including financial services, food.....

10CVSS

9.4AI Score

0.976EPSS

2023-06-14 12:00 PM
51
malwarebytes

Update Chrome now! Google fixes critical vulnerability in Autofill payments

Google has released a Chrome update which includes five security fixes. One of these security fixes is for a critical vulnerability in Autofill payments. Google labels vulnerabilities as critical if they allow an attacker to run arbitrary code on the underlying platform with the user's privileges.....

8.8CVSS

7.4AI Score

0.004EPSS

2023-06-14 02:00 AM
38
code423n4

Upgraded Q -> 2 from #327 [1686724891862]

Judge has assessed an item in Issue #327 as 2 risk. The relevant finding follows: L-04 addBid does not increment the endBlock of the auction when it is close to the end, preventing the protocol from capturing extra value When an Auction is created, it sets a lotItem.endBlock. This value remains...

6.7AI Score

2023-06-14 12:00 AM
7
openvas

8.8CVSS

8.6AI Score

0.005EPSS

2023-06-14 12:00 AM
5
openvas

8.8CVSS

8.7AI Score

0.005EPSS

2023-06-14 12:00 AM
2
openvas

8.8CVSS

8.6AI Score

0.005EPSS

2023-06-14 12:00 AM
5
githubexploit

Exploit for Improper Access Control in Papercut Papercut Mf

CVE-2023-27350 Python 2.7 Buy Coffee : Bitcoin...

9.8CVSS

9.9AI Score

0.971EPSS

2023-06-13 10:13 PM
146
hackread

2 Russians charged in Mt. Gox Bitcoin heist and BTC-e money laundering

By Habiba Rashid Accused individuals allegedly conspired to launder around 647,000 stolen Bitcoins from Mt. Gox, leading to its collapse. This is a post from HackRead.com Read the original post: 2 Russians charged in Mt. Gox Bitcoin heist and BTC-e money...

6.9AI Score

2023-06-13 10:00 PM
8
cve

CVE-2023-3214

Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity:...

8.8CVSS

8.8AI Score

0.004EPSS

2023-06-13 06:15 PM
74
nvd

CVE-2023-3214

Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity:...

8.8CVSS

9AI Score

0.004EPSS

2023-06-13 06:15 PM
1
osv

CVE-2023-3214

Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity:...

8.8CVSS

6.2AI Score

0.004EPSS

2023-06-13 06:15 PM
debiancve

CVE-2023-3214

Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity:...

8.8CVSS

6.7AI Score

0.004EPSS

2023-06-13 06:15 PM
8
prion

Design/Logic Flaw

Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity:...

8.8CVSS

8.8AI Score

0.004EPSS

2023-06-13 06:15 PM
7
cvelist

CVE-2023-3214

Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity:...

9.1AI Score

0.004EPSS

2023-06-13 05:51 PM
thn

Two Russian Nationals Charged for Masterminding Mt. Gox Crypto Exchange Hack

The U.S. Department of Justice (DoJ) has charged two Russian nationals in connection with masterminding the 2014 digital heist of the now-defunct cryptocurrency exchange Mt. Gox. According to unsealed indictments released last week, Alexey Bilyuchenko, 43, and Aleksandr Verner, 29, have been...

6.8AI Score

2023-06-13 10:39 AM
15
kaspersky

KLA50323 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code or cause denial of service. Below is a complete list of vulnerabilities: Use after free vulnerability in WebRTC can be exploited to cause denial of service or execute...

8.8CVSS

9.7AI Score

0.005EPSS

2023-06-13 12:00 AM
50
trellix

Skuld: The Infostealer that Speaks Golang

Skuld: The Infostealer that Speaks Golang By Ernesto Fernández Provecho · June 13, 2023 In May 2023, the Trellix Advanced Research Center discovered a new Golang stealer, known as Skuld, that compromised systems worldwide, something that security researchers had also noticed. The usage of Golang,.....

7AI Score

2023-06-13 12:00 AM
6
nessus

FreeBSD : chromium -- multiple vulnerabilities (1567be8c-0a15-11ee-8290-a8a1599412c6)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 1567be8c-0a15-11ee-8290-a8a1599412c6 advisory. Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote...

8.8CVSS

9.4AI Score

0.005EPSS

2023-06-13 12:00 AM
1
nessus

Google Chrome < 114.0.5735.133 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 114.0.5735.133. It is, therefore, affected by multiple vulnerabilities as referenced in the 2023_06_stable-channel-update-for-desktop_13 advisory. Use after free in Autofill payments. (CVE-2023-3214) Use after free in...

8.8CVSS

9.3AI Score

0.005EPSS

2023-06-13 12:00 AM
4
nessus

Google Chrome < 114.0.5735.133 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 114.0.5735.133. It is, therefore, affected by multiple vulnerabilities as referenced in the 2023_06_stable-channel-update-for-desktop_13 advisory. Use after free in Autofill payments. (CVE-2023-3214) Use after free...

8.8CVSS

9.3AI Score

0.005EPSS

2023-06-13 12:00 AM
9
ubuntucve

CVE-2023-3214

Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) Notes Author| Note ---|--- alexmurray | The Debian chromium source package is called...

8.8CVSS

6.7AI Score

0.004EPSS

2023-06-13 12:00 AM
6
trellix

Skuld: The Infostealer that Speaks Golang

Skuld: The Infostealer that Speaks Golang By Ernesto Fernández Provecho · June 13, 2023 In May 2023, the Trellix Advanced Research Center discovered a new Golang stealer, known as Skuld, that compromised systems worldwide, something that security researchers had also noticed. The usage of Golang,.....

7.4AI Score

2023-06-13 12:00 AM
41
chrome

Stable Channel Update for Desktop

The Stable and extended stable channels have been updated to 114.0.5735.133 for Mac and Linux and 114.0.5735.133/134 for Windows, which will roll out over the coming days/weeks. A full list of changes in this build is available in the log. Security Fixes and Rewards Note: Access to bug details...

8.8CVSS

6.6AI Score

0.005EPSS

2023-06-13 12:00 AM
189
freebsd

chromium -- multiple vulnerabilities

Chrome Releases reports: This update includes 5 security fixes: [1450568] Critical CVE-2023-3214: Use after free in Autofill payments. Reported by Rong Jian of VRI on 2023-06-01 [1446274] High CVE-2023-3215: Use after free in WebRTC. Reported by asnine on 2023-05-17 [1450114] High CVE-2023-3216:...

8.8CVSS

7.4AI Score

0.005EPSS

2023-06-13 12:00 AM
7
securelist

Sneaky DoubleFinger loads GreetingGhoul targeting your cryptocurrency

Introduction Stealing cryptocurrencies is nothing new. For example, the Mt. Gox exchange was robbed of many bitcoins back in the beginning of 2010s. Attackers such as those behind the Coinvault ransomware were after your Bitcoin wallets, too. Since then, stealing cryptocurrencies has continued to.....

7.2AI Score

2023-06-12 10:00 AM
15
thn

Beware: 1,000+ Fake Cryptocurrency Sites Trap Users in Bogus Rewards Scheme

A previously undetected cryptocurrency scam has leveraged a constellation of over 1,000 fraudulent websites to ensnare users into a bogus rewards scheme since at least January 2021. "This massive campaign has likely resulted in thousands of people being scammed worldwide," Trend Micro researchers.....

7.2AI Score

2023-06-12 07:30 AM
21
talosblog

Threat Roundup for June 2 to June 9

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 2 and June 9. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...

6.4AI Score

2023-06-09 09:17 PM
35
ibm

Security Bulletin: Dojo vulnerability affects IBM Financial Transaction Manager for Digital Payments, High Value Payments and Corporate Payment Services [CVE-2021-23450]

Summary A vulnerability in Dojo that could allow arbitrary code execution was addressed. [CVE-2021-23450] Vulnerability Details ** CVEID: CVE-2021-23450 DESCRIPTION: **Dojo could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution in the setObject...

9.8CVSS

8.1AI Score

0.01EPSS

2023-06-09 02:00 PM
13
code423n4

Auction DOS

Lines of code https://github.com/code-423n4/2023-06-stader/blob/7566b5a35f32ebd55d3578b8bd05c038feb7d9cc/contracts/Auction.sol#L38 https://github.com/code-423n4/2023-06-stader/blob/7566b5a35f32ebd55d3578b8bd05c038feb7d9cc/contracts/Auction.sol#L48-L50...

6.8AI Score

2023-06-09 12:00 AM
9
Total number of security vulnerabilities: 6253