Daily Archives: March 7, 2023

Advisories

CVE-2020-36670

Read Time:22 Second

The NEX-Forms. plugin for WordPress is vulnerable to unauthorized disclosure and modification of data in versions up to, and including 7.7.1 due to missing capability checks on several AJAX actions. This makes it possible for authenticated attackers with subscriber level permissions and above to invoke these functions which can be used to perform actions like modify form submission records, deleting files, sending test emails, modifying plugin settings, and more.

Read More

Advisories

USN-5933-1: Libtpms vulnerabilities

Read Time:20 Second

Francisco Falcon discovered that Libtpms did not properly manage memory
when performing certain cryptographic operations. An attacker could
possibly use this issue to cause a denial of service, or possibly execute
arbitrary code. (CVE-2023-1017, CVE-2023-1018)

It was discovered that Libtpms did not properly manage memory when
handling certain commands. An attacker could possibly use this issue
to cause a denial of service.

Read More

Advisories

CVE-2015-10087

Read Time:29 Second

** UNSUPPPORTED WHEN ASSIGNED **** UNSUPPORTED WHEN ASSIGNED ** A vulnerability has been found in UpThemes Theme DesignFolio Plus 1.2 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 53f6ae62878076f99718e5feb589928e83c879a9. It is recommended to apply a patch to fix this issue. The identifier VDB-221809 was assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Read More

News

Attack campaign uses PHP-based infostealer to target Facebook business accounts

Read Time:43 Second

Over the past year, a group of attackers has targeted Facebook business account owners by spreading information stealing malware through malicious Google ads or fake Facebook profiles. The infection chain uses DLL sideloading via legitimate apps, as well as self-contained executable files written in various programming languages such as Rust, Python, and PHP.

“We have seen SYS01stealer attacking critical government infrastructure employees, manufacturing companies, and other industries,” researchers from security firm Morphisec said in a new report. “The threat actors behind the campaign are targeting Facebook business accounts by using Google ads and fake Facebook profiles that promote things like games, adult content, and cracked software, etc. to lure victims into downloading a malicious file. The attack is designed to steal sensitive information, including login data, cookies, and Facebook ad and business account information.”

To read this article in full, please click here

Read More

Advisories

Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution

Read Time:25 Second

Multiple vulnerabilities have been discovered in Google Android OS, the most severe of which could allow for remote code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smart phones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for privilege escalation. Depending on the privileges associated with the exploited component, an attacker could then install programs; view, change, or delete data; or create new accounts with full rights.

Read More