WooCommerce Payments < 4.9.0 - Subscription Suspension/Activation via CSRF
Description The plugin does not have CSRF check when suspending and activating subscriptions, which could allow attackers to make a logged in admin suspend or activate arbitrary subscription via a CSRF...
7.3AI Score
A secondhand account of the worst possible timing for a scammer to strike
Welcome to this week's edition of the Threat Source newsletter. Up until last week, I had never considered the timing of a scam to be important. I'm so used to just swiping away emails or text messages at random times during the day that I'd never considered what would happen if an adversary...
6.7AI Score
Summary There is a vulnerability in Apache Commons HttpClient used by IBM Maximo Asset Management. Vulnerability Details CVEID: CVE-2012-5783 DESCRIPTION: Apache Commons HttpClient, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, could allow a remote...
5.8AI Score
0.002EPSS
A history of ransomware: How did it get this far?
Today's ransomware is the scourge of many organizations. But where did it start? If we define ransomware as malware that encrypts files to extort the owner of the system, then the first malware that could be classified as ransomware is the 1989 AIDS Trojan. However, while it encrypted file(name)s.....
7.2AI Score
Users of X (formerly Twitter) paying for a checkmark under what used to be called Twitter Blue (now X Premium) have some biometric related decisions to make. The BBC reports that Elon Musk, having dismantled the old checkmark system to replace it with the all new Premium, is (re)introducing...
6.8AI Score
Smart chastity device exposes sensitive user data
A security breach or piece of inadvertent exposure can be a devastating thing, not just for the company impacted but also the people whose data is stolen or exposed to the world. The usual roll-call of "name, address, phone number and card details" is bad enough. If such things are tied to...
6.6AI Score
Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach
In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. Since then, a steady trickle of six-figure cryptocurrency heists targeting security-conscious people...
7.9AI Score
New Python Variant of Chaes Malware Targets Banking and Logistics Industries
Banking and logistics industries are under the onslaught of a reworked variant of a malware called Chaes. "It has undergone major overhauls: from being rewritten entirely in Python, which resulted in lower detection rates by traditional defense systems, to a comprehensive redesign and an enhanced.....
6.6AI Score
Malicious code in ivr-payments (npm)
-= Per source details. Do not edit below this line.=- Source: ghsa-malware (998726f9d073fda61804b91c9c090376845bd077a3322770715d7c1f37d03449) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
7AI Score
Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.3-IF024 and 23.0.1-IF002. Vulnerability Details CVEID: CVE-2021-33813 DESCRIPTION: JDOM is vulnerable to a denial of service,....
9.8CVSS
9.2AI Score
EPSS
Threat Actors Targeting Microsoft SQL Servers to Deploy FreeWorld Ransomware
Threat actors are exploiting poorly secured Microsoft SQL (MS SQL) servers to deliver Cobalt Strike and a ransomware strain called FreeWorld. Cybersecurity firm Securonix, which has dubbed the campaign DB#JAMMER, said it stands out for the way the toolset and infrastructure is employed. "Some of...
7.2AI Score
App Pin security issue exposes payment cards in Google Wallet to unauthorized payments
In onHostEmulationData of HostEmulationManager.java, there is a possible way for a general purpose NFC reader to read the full card number and expiry details when the device is in locked screen mode due to a logic error in the code. This could lead to local information disclosure with no...
5.5CVSS
6.4AI Score
0.0004EPSS
Identification and Disruption of QakBot Infrastructure
SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) are releasing this joint Cybersecurity Advisory (CSA) to disseminate QakBot infrastructure indicators of compromise (IOCs) identified through FBI investigations as of August 2023. On...
9.6AI Score
Decoding the DNA of Ransomware Attacks: Unveiling the Anatomy Behind the Threat
Decoding the DNA of Ransomware Attacks: Unveiling the Anatomy Behind the Threat By Trellix Advanced Research Center · August 28, 2023 Introduction Ransomware, a malicious software that encrypts valuable data and demands a ransom for its release, has a notorious history marked by its evolution from....
8AI Score
Decoding the DNA of Ransomware Attacks: Unveiling the Anatomy Behind the Threat
Decoding the DNA of Ransomware Attacks: Unveiling the Anatomy Behind the Threat By Trellix Advanced Research Center · August 28, 2023 Introduction Ransomware, a malicious software that encrypts valuable data and demands a ransom for its release, has a notorious history marked by its evolution from....
7.6AI Score
LockBit 3.0 Ransomware Builder Leak Gives Rise to Hundreds of New Variants
The leak of the LockBit 3.0 ransomware builder last year has led to threat actors abusing the tool to spawn new variants. Russian cybersecurity company Kaspersky said it detected a ransomware intrusion that deployed a version of LockBit but with a markedly different ransom demand procedure. "The...
7.7AI Score
Lockbit leak, research opportunities on tools leaked from TAs
Lockbit is one of the most prevalent ransomware strains. It comes with an affiliate ransomware-as-a-service (RaaS) program offering up to 80% of the ransom demand to participants, and includes a bug bounty program for those who detect and report vulnerabilities that allow files to be decrypted...
7.3AI Score
Welcome to this week's edition of the Threat Source newsletter. I have no idea how "Fortnite" keeps coming up in this newsletter, but here we are again. Even though the game/metaverse has never been bigger, it had been a while since I had heard about "V-Bucks" scams. V-Bucks are the in-game...
6.8AI Score
North Korean Affiliates Suspected in $40M Cryptocurrency Heist, FBI Warns
The U.S. Federal Bureau of Investigation (FBI) on Tuesday warned that threat actors affiliated with North Korea may attempt to cash out stolen cryptocurrency worth more than $40 million. The law enforcement agency attributed the blockchain activity to an adversary the U.S. government tracks as...
6.7AI Score
Benefits of Using an Anonymous Bitcoin Wallet in 2023
By Owais Sultan An anonymous Bitcoin wallet makes it possible to extend the level of anonymity when transferring cryptocurrencies to a… This is a post from HackRead.com Read the original post: Benefits of Using an Anonymous Bitcoin Wallet in...
6.9AI Score
Exploring the Potential Impact of a Bitcoin Spot ETF Approval
By Owais Sultan The US Securities and Exchange Commission (SEC) is currently reviewing applications from several institutions for a spot Bitcoin… This is a post from HackRead.com Read the original post: Exploring the Potential Impact of a Bitcoin Spot ETF...
7AI Score
Scattered Spider: The Modus Operandi
Scattered Spider: The Modus Operandi By Trellix · August 17, 2023 This story was also written by Phelix Oluoch Executive Summary Scattered Spider, also referred to as UNC3944, Scatter Swine, and Muddled Libra, is a financially motivated threat actor group that has been active since May 2022....
8.8AI Score
0.974EPSS
Scattered Spider: The Modus Operandi
Scattered Spider: The Modus Operandi By Trellix · August 17, 2023 This story was also written by Phelix Oluoch Executive Summary Scattered Spider, also referred to as UNC3944, Scatter Swine, and Muddled Libra, is a financially motivated threat actor group that has been active since May 2022....
9.8AI Score
0.974EPSS
Ghost is an open source content management system. Versions prior to 5.59.1 are subject to a vulnerability which allows authenticated users to upload files that are symlinks. This can be exploited to perform an arbitrary file read of any file on the host operating system. Site administrators can...
6.5CVSS
6.9AI Score
0.001EPSS
Nine years of the GitHub Security Bug Bounty program
It was another record year for our Security Bug Bounty program! We're excited to highlight some achievements we’ve made together with the bounty community in 2022! The ninth year of GitHub’s Security Bug Bounty Program saw our program reach new heights. We’re very excited to provide a look into...
7AI Score
Lolek Bulletproof Hosting Servers Seized, 5 Key Operators Arrested
European and U.S. law enforcement agencies have announced the dismantling of a bulletproof hosting service provider called Lolek Hosted, which cybercriminals have used to launch cyber-attacks across the globe. "Five of its administrators were arrested, and all of its servers seized, rendering...
7.1AI Score
Several hospitals still counting the cost of widespread ransomware attack
The 16 hospitals struck down by ransomware last week are still dealing with the fallout from the attack. The healthcare facilities located in Connecticut, Pennsylvania, Rhode Island, and California had the ransomware attack confirmed by the FBI. Issues started to emerge last Thursday with patients....
6.9AI Score
Ransomware review: August 2023
This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. In this report, "known attacks" are those where the victim did not pay a ransom. This provides the best overall picture of...
7AI Score
Reflecting on supply chain attacks halfway through 2023
Welcome to this week's edition of the Threat Source newsletter. Between the Talos Takes episode last week and helping my colleague Hazel with the Half-Year in Review, I realized how much I had already forgotten about 2023 already. It's been a whirlwind, personally and professionally, and I think...
6.9AI Score
LOLKEK Ransomware Evolving New Tactics to Evade Detection
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary LOLKEK ransomware is still being actively developed and uses new tactics to evade detection, including obfuscation, legitimate tools, and network shares. It encrypts all drives, including network shares,.....
6.8AI Score
Recently we pushed a report to our customers about an interesting and common component of the cybercrime malware set - SystemBC. And, in much the same vein as the 2021 Darkside Colonial Pipeline incident, we found a new SystemBC variant deployed to a critical infrastructure target. This time, the.....
7.7AI Score
Update 22.4 for Microsoft Dynamics 365 Business Central (on-premises) 2023 Release Wave 1 (Application Build 22.4.59535, Platform Build 22.0.59520) Overview This update replaces previously released updates. You should always install the latest update. This update also fixes an elevation of...
7.2CVSS
7AI Score
0.0005EPSS
FCC comes down hard on robocallers with record $300m fine
Robocallers are in the news after the FCC issued a $300 million forfeiture to a persistent offender and shut down their operation. A robocall network makes use of automated software diallers to spam out large numbers of cold calls to unsuspecting recipients. These calls promise much but give very.....
6.9AI Score
New Malware Campaign Targets Inexperienced Cyber Criminals with OpenBullet Configs
A new malware campaign has been observed making use of malicious OpenBullet configuration files to target inexperienced cyber criminals with the goal of delivering a remote access trojan (RAT) capable of stealing sensitive information. Bot mitigation company Kasada said the activity is designed to....
7AI Score
In the first 6 months of 2023, our team has already added 2,471[1] individual vulnerability records to the Wordfence Intelligence WordPress Vulnerability Database. These vulnerabilities affected 1,680[2] WordPress software components. This means we have already surpassed the total number of...
9.1AI Score
Code leaks are causing an influx of new ransomware actors
Ransomware gangs are consistently rebranding or merging with other groups, as highlighted in our 2022 Year in Review, or these actors work for multiple ransomware-as-a-service (RaaS) outfits at a time, and new groups are always emerging. This trend is already continuing this year. Since 2021,...
7.2AI Score
Cisco Talos discovered an unknown threat actor, seemingly of Vietnamese origin, conducting a ransomware operation that began at least as early as June 4, 2023. This ongoing attack uses a variant of the Yashma ransomware likely to target multiple geographic areas by mimicking WannaCry...
7.6AI Score
New SkidMap Linux Malware Variant Targeting Vulnerable Redis Servers
Vulnerable Redis services have been targeted by a "new, improved, dangerous" variant of a malware called SkidMap that's engineered to target a wide range of Linux distributions. "The malicious nature of this malware is to adapt to the system on which it is executed," Trustwave security researcher.....
6.7AI Score
[M-01] Denial of Service with failed call Dos
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. External calls can fail accidentally or deliberately, which can cause a DoS condition in the contract. To minimize the damage caused by such failures, it is better to isolate each external call into its.....
7AI Score
[M-02] Denial of Service on failed call Dos
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. External calls can fail accidentally or deliberately, which can cause a DoS condition in the contract. To minimize the damage caused by such failures, it is better to isolate each external call into its.....
7AI Score
Dogecoin is vulnerable to Information Disclosure. An attacker could exploit this vulnerability to steal a user's Bitcoin by obtaining their wallet.dat file. This could be done by causing the Bitcoin Core software to crash, and then extracting the wallet.dat file from the core dump...
7.5CVSS
6.6AI Score
0.002EPSS
Bitcoin and Dogecoin are vulnerable to Arbitrary Code Execution. The vulnerability is due to the application unsafely passing the -platformpluginpath argument, which can be triggered by a .desktop file resulting in arbitrary code...
9.8CVSS
7.5AI Score
0.01EPSS
NY Couple Pleads Guilty to $4.5B Bitcoin Theft in Bitfinex Hack
By Waqas The guilty couple goes by the names of Ilya Lichtenstein and Heather Morgan. This is a post from HackRead.com Read the original post: NY Couple Pleads Guilty to $4.5B Bitcoin Theft in Bitfinex...
6.9AI Score
Microsoft Teams used in phishing campaign to bypass multi-factor authentication
Attackers believed to have ties to Russia's Foreign Intelligence Service (SVR) are using Microsoft Teams chats as credential theft phishing lures. Microsoft Threat Intelligence has posted details about the perceived attacks targeted at fewer than 40 unique global organizations. The targeted...
7.1AI Score
NYC Couple Pleads Guilty to Money Laundering in $3.6 Billion Bitfinex Hack
A married couple from New York City has pleaded guilty to money laundering charges in connection with the 2016 hack of cryptocurrency stock exchange Bitfinex, resulting in the theft of about 120,000 bitcoin. The development comes more than a year after Ilya Lichtenstein, 35, and his wife, Heather.....
6.9AI Score
On June 8, 2023, our Wordfence Threat Intelligence team identified and began the responsible disclosure process for an Authentication Bypass vulnerability in WebToffee’s Stripe Payment Plugin for WooCommerce plugin, which is actively installed on more than 10,000 WordPress websites. This...
7.6AI Score
0.001EPSS
WordPress Stripe Payment Plugin For WooCommerce 3.7.7 Authentication Bypass Vulnerability
WordPress Stripe Payment Plugin for WooCommerce plugin versions 3.7.7 and below suffer from an authentication bypass...
9.8CVSS
9.9AI Score
0.001EPSS
7.1AI Score
0.001EPSS
Summary IBM Cloud Pak for Security includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version of Cloud Pak for Security.....
9.8CVSS
10.8AI Score
0.033EPSS
Old Loader, New Threat: Exploring XWorm RAT's Distribution and Tactics
Old Loader, New Threat: Exploring XWorm RAT's Distribution and Tactics By Pratik Pachpor and Adarsh S · July 31, 2023 Executive Summary: In March-April 2023, we detected a malicious email campaign delivering .Net based XWorm RAT in which embedded blogspot.com URLs were used as an entry point....
7.4AI Score