Modicon M340, Modicon Premium, Modicon Quantum, Bmxnor0200 Security Vulnerabilities

Citrix SDWAN Security Bulletin for CVE-2024-2049

A vulnerability has been identified that impacts Citrix SD-WAN Affected Versions: The vulnerability affects the following supported versions of Citrix SD-WAN SD-WAN Standard/Premium Editions on or after 11.4.0 and before 11.4.4.46 Summary: SDWAN contains the vulnerability mentioned...

KB5035962: Servicing stack update for Windows 10, version 1607 and Server 2016: March 12, 2024

KB5035962: Servicing stack update for Windows 10, version 1607 and Server 2016: March 12, 2024 REMINDER Windows 10, version 1607 Mobile and Mobile Enterprise editions reached the end of support (EOS) on October 9, 2018. These editions will no longer be offered servicing stack updates. Windows...

Going viral shouldn’t lead to bomb threats, with Leigh Honeywell: Lock and Code S05E06

This week on the Lock and Code podcast… A disappointing meal at a restaurant. An ugly breakup between two partners. A popular TV show that kills off a beloved, main character. In a perfect world, these are irritations and moments of vulnerability. But online today, these same events can sometimes.....

Unauthenticated Stored XSS Vulnerability Patched in Ultimate Member WordPress Plugin

On February 28th, 2024, during our second Bug Bounty Extravaganza, we received a submission for an unauthenticated stored Cross-Site Scripting (XSS) vulnerability in Ultimate Member, a WordPress plugin with more than 200,000+ active installations. This vulnerability can be leveraged to inject...

Wordfence Intelligence Weekly WordPress Vulnerability Report (February 26, 2024 to March 3, 2024)

Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 121 vulnerabilities disclosed in 88...

Premium Addons PRO < 2.9.13 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multi Scroll Widget

Description The Premium Addons PRO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'navigation_dots' parameter of the Multi Scroll Widget in all versions up to, and including, 2.9.12 due to insufficient input sanitization and output escaping. This makes it possible for...

Premium Addons PRO < 2.9.13 - Authenticated (Contributor+) Stored Cross-Site Scripting via Premium Magic Scroll Module

Description The Premium Addons PRO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Premium Magic Scroll module in all versions up to, and including, 2.9.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with....

Premium Addons PRO < 2.9.13 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Mouse Cursor Module

Description The Premium Addons PRO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Custom Mouse Cursor module in all versions up to, and including, 2.9.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with.....

Premium Addons PRO < 2.9.13 - Authenticated (Contributor+) Stored Cross-Site Scripting via Global Badge Module

Description The Premium Addons PRO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Global Badge module in all versions up to, and including, 2.9.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

Premium Addons PRO < 2.9.13 - Authenticated (Contributor+) Stored Cross-Site Scripting via Messenger Chat Widget

Description The Premium Addons PRO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'premium_fbchat_app_id' parameter of the Messenger Chat Widget in all versions up to, and including, 2.9.12 due to insufficient input sanitization and output escaping. This makes it...

ALPHV ransomware gang fakes own death, fools no one

For the second time in only four months, all is not well on the ALPHV (aka BlackCat) ransomware gang's dark web site. Gone are the lists of compromised victims. In their place, a veritable garden of law enforcement badges has sprouted beneath the ominous message "THIS WEBSITE HAS BEEN SEIZED." The....

BIT-gitlab-2022-1680

An account takeover issue has been discovered in GitLab EE affecting all versions starting from 11.10 before 14.9.5, all versions starting from 14.10 before 14.10.4, all versions starting from 15.0 before 15.0.1. When group SAML SSO is configured, the SCIM feature (available only on Premium+...

BIT-node-2021-23840

Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating...

BIT-gitlab-2023-6564

An issue has been discovered in GitLab EE Premium and Ultimate affecting versions 16.4.3, 16.5.3, and 16.6.1. In projects using subgroups to define who can push and/or merge to protected branches, there may have been instances in which subgroup members with the Developer role were able to push or.....

Premium Addons for Elementor PRO < 2.9.13 - Authenticated(Contributor+) Stored Cross-Site Scripting via widget link

Description The Premium Addons PRO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's IHover widget link in all versions up to, and including, 2.9.12 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

Badgerboard: A PLC backplane network visibility module

Analysis of the traffic between networked devices has always been of interest since devices could even communicate with one another. As the complexity of networks grew, the more useful dedicated traffic analysis tools became. Major advancements have been made over the years with tools like Snort...

No “Apple magic” as 11% of macOS detections last year came from malware

We’re going to let you in on a little cybersecurity secret… There’s malware on Mac computers. There pretty much always has been. As revealed in our 2024 ThreatDown State of Malware report, a full 11% of all detections recorded by Malwarebytes on Mac computers in 2023 were for different variants of....

What is Exposure Management and How Does it Differ from ASM?

Startups and scales-ups are often cloud-first organizations and rarely have sprawling legacy on-prem environments. Likewise, knowing the agility and flexibility that cloud environments provide, the mid-market is predominantly running in a hybrid state, partly in the cloud but with some on-prem...

openSUSE: Security Advisory for ImageMagick (SUSE-SU-2023:3186-1)

The remote host is missing an update for...

Why Apple added protection against quantum computing when quantum computing doesn’t even exist yet

Apple released a new update for nearly all its devices that provides an all-new type of encryption for its iMessages to the point that, in theory, iMessages are now protected against attacks from quantum computers. This is a little tricky because, as we've covered before, quantum computers don't...

Wordfence Intelligence Weekly WordPress Vulnerability Report (February 19, 2024 to February 25, 2024)

Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 83 vulnerabilities disclosed in 57 WordPress.....

CVE-2024-1242

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the button onclick attribute in all versions up to, and including, 4.10.18 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2024-1242

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the button onclick attribute in all versions up to, and including, 4.10.18 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

Cross site scripting

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the button onclick attribute in all versions up to, and including, 4.10.18 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

Visual Composer Premium < 45.7.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The Visual Composer Website Builder, Landing Page Builder, Custom Theme Builder, Maintenance Mode & Coming Soon Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's custom fields in all versions up to, and including, 45.6.0 due to insufficient input.....

Premium Addons for Elementor < 4.10.22 - Contributor+ Stored XSS

Description The plugin is vulnerable to Stored Cross-Site Scripting via the Image Settings URL of the Banner, Team Members, and Image Scroll widgets due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and...

$2,751 Bounty Awarded for Arbitrary File Upload Vulnerability Patched in Avada WordPress Theme

🎉 Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through February 29th, 2024 when you opt to have Wordfence handle responsible disclosure! On February 6th, 2024, during our second Bug Bounty...

Android banking trojans: How they steal passwords and drain bank accounts

For the most popular operating system in the world—which is Android and it isn’t even a contest—there’s a sneaky cyberthreat that can empty out a person’s bank accounts to fill the illicit coffers of cybercriminals. These are “Android banking trojans,” and, according to our 2024 ThreatDown State...

How to make a fake ID online, with Joseph Cox: Lock and Code S05E05

This week on the Lock and Code podcast… For decades, fake IDs had roughly three purposes: Buying booze before legally allowed, getting into age-restricted clubs, and, we can only assume, completing nation-state spycraft for embedded informants and double agents. In 2024, that's changed, as the...

Apple Announces Post-Quantum Encryption Algorithms for iMessage

Apple announced PQ3, its post-quantum encryption standard based on the Kyber secure key-encapsulation protocol, one of the post-quantum algorithms selected by NIST in 2022. There's a lot of detail in the Apple blog post, and more in Douglas Stabila's security analysis. I am of two minds about...

Microsoft Expands Free Logging Capabilities for all U.S. Federal Agencies

Microsoft has expanded free logging capabilities to all U.S. federal agencies using Microsoft Purview Audit irrespective of the license tier, more than six months after a China-linked cyber espionage campaign targeting two dozen organizations came to light. "Microsoft will automatically enable the....

$2,063 Bounty Awarded for Unauthenticated SQL Injection Vulnerability Patched in Ultimate Member WordPress Plugin

🎉 Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through February 29th, 2024 when you opt to have Wordfence handle responsible disclosure! On January 30th, 2024, shortly after the launch of our...

Apple Unveils PQ3 Protocol - Post-Quantum Encryption for iMessage

Apple has announced a new post-quantum cryptographic protocol called PQ3 that it said will be integrated into iMessage to secure the messaging platform against future attacks arising from the threat of a practical quantum computer. "With compromise-resilient encryption and extensive defenses...

Wordfence Intelligence Weekly WordPress Vulnerability Report (February 12, 2024 to February 18, 2024)

Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through February 29th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 78 vulnerabilities disclosed in 63...

Debian dsa-5628 : imagemagick - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5628 advisory. A heap-based buffer overflow vulnerability was found in ImageMagick in versions prior to 7.0.11-14 in ReadTIFFImage() in coders/tiff.c. This issue is...

$1,313 Bounty Awarded for Privilege Escalation Vulnerability Patched in Academy LMS WordPress Plugin

Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through February 29th, 2024 when you opt to have Wordfence handle responsible disclosure! On February 14th, 2024, during our second Bug Bounty...

Apple iOS 17.4: iMessage Gets Post-Quantum Encryption in New Update

Useful quantum computers aren’t a reality—yet. But in one of the biggest deployments of post-quantum encryption so far, Apple is bringing the technology to...

[updated] Vibrator virus steals your personal information

I know that some of you are expecting a post similar to that about a toothbrush botnet, but this is not a hypothetical case. It actually happened. A Malwarebytes Premium customer started a thread on Reddit saying we had blocked malware from trying to infect their computer after they connected a...

CVE-2024-1242

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the button onclick attribute in all versions up to, and including, 4.10.18 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

SQL Injection Vulnerability Patched in RSS Aggregator by Feedzy WordPress Plugin

🎉 Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through February 29th, 2024 when you opt to have Wordfence handle responsible disclosure! On February 1st, 2024, during our second Bug Bounty...

Malvertising: This cyberthreat isn’t on the dark web, it’s on Google

On the internet, people need to worry about more than just opening suspicious email attachments or entering their sensitive information into harmful websites—they also need to worry about their Google searches. That’s because last year, as revealed in our 2024 ThreatDown State of Malware report,...

WordPress Premium Addons for Elementor Plugin < 4.10.17 XSS Vulnerability

The WordPress...

Wordfence Intelligence Weekly WordPress Vulnerability Report (February 5, 2024 to February 11, 2024)

Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through February 29th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 95 vulnerabilities disclosed in 65...

Siemens SCALANCE XCM-/XRM-300

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services |.....

CVE-2024-0353

Local privilege escalation vulnerability potentially allowed an attacker to misuse ESET’s file operations to delete files without having proper...

ESET Smart Security Premium ekrn Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of ESET Smart Security Premium. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the ESET.....

Premium Addons for Elementor < 4.10.19 - Contributor+ Stored Cross-Site Scripting

Description The plugin does not properly sanitize and escape its buttons' onclick attribute, making it possible for users with at least the contributor role to conduct Stored XSS...

Premium Addons for Elementor < 4.10.19 - Contributor+ Stored Cross-Site Scripting

Description The plugin does not prevent users with at least the contributor role from conducting Stored XSS attacks via the plugin's onClick Event...

CVE-2023-6408

CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability exists that could cause a denial of service and loss of confidentiality, integrity of controllers when conducting a Man in the Middle...

Malwarebytes crushes malware all the time

About a month ago, The PC Security Channel (TPSC) ran a test to check out the detection capabilities of Malwarebytes. They tested Malwarebytes by executing a repository of 2015 “malicious” files to see how many Malwarebytes would detect. This YouTube video shows how a script executes the files and....