Emergency WordPress patch for SQL injection attack

The Loginizer security plugin for WordPress, which has more than a million active installations, was forcibly patched by the CMS platform this week after WP Deeply researchers disclosed a dangerous vulnerability.

Address spoofing bug hits widely-used mobile browsers

Several popular mobile web browsers, including Safari and Opera Touch, are susceptible to exploitation due to a web address spoofing bug that could allow hackers to perform spear-phishing attacks, or deploy malware. The vulnerability could allow an attacker to set up a malicious website and tempt a victim into opening a link from a spoofed email or text message. This would then lead the user to a malicious site disguised as a legitimate site, on which they could download a malicious file, or hand over personal information. The origin lies in the way a hacker could execute malicious JavaScript code on this website to force the browser to update the address bar to another address of the attacker’s preference, all while the page loads.

KashmirBlack botnet hitting CMS platforms

The existence of one of the most sophisticated active botnets was disclosed this week, with researchers detailing how KashmirBlack, as it’s called, has compromised hundreds of thousands of systems to attack content management systems (CMS). Spread across 30 countries, and conducting millions of attacks each day, this botnet exploits a decade-old PHPUnit remote code execution flaw to attack CMS platforms, mainly due to their generally poor cyber hygiene. This particular flaw is known and patchable, but the botnet has capitalised on the surge in the companies disrupted by coronavirus, which now require easy-to-use web frameworks to move their business online. This includes well-known platforms like WordPress.

VMware software breaking Cisco HyperFlex clusters

This week Cisco warned HyperFlex users that a VMware coding bug in vCenter Server 7.0 U1 may leave their hyperconverged infrastructure installations in an ‘unrecoverable’ state. The bug, which affects HyperFlex controllers managed by the vCenter ESX Agent Manager (EAM) service, causes affected HyperFlex clusters to encounter an issue where HyperFlex controller VMs suddenly power off and are deleted. This results in the loss of cluster availability, and sometimes can even render the HyperFlex storage cluster “unrecoverable”. There are no workarounds available at this time, with Cisco recommending that customers do not use vCenter 7.0 GA or vCenter 7.0 U1 until they are qualified and listed as a supported combination in the HyperFlex Data Platform release notes.

Tagged as CVE-2020-8257 and CVE-2020-8258, these two vulnerabilities lie in the way the Citrix Gateway Service runs as SYSTEM, and executes a periodic PowerShell script every five minutes, also executed as SYSTEM. As powershell.exe is invoked by file name only, Windows searches through multiple directories to find it. Hackers could exploit this by creating a malicious file, naming it powershell.exe, and copying it into every directory they have access to, which would allow them to achieve elevation of privileges on systems running Citrix Gateway Plug-In for Windows.
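The Citrix item above comes down to a privileged service resolving a bare file name through an ordered directory search. The following added example (not code from Citrix or from the original article) shows how a defender can audit such a lookup: it reports which file a bare name resolves to and which user-writable directories are searched before the trusted one. The two-directory search order and the directory names are constructed for illustration; the real Windows search order contains more locations.

```python
import os
import tempfile

def resolve(name, search_dirs):
    """Return the first match for a bare file name, walking search_dirs in order."""
    for d in search_dirs:
        candidate = os.path.join(d, name)
        if os.path.isfile(candidate):
            return candidate
    return None

def audit(name, search_dirs, trusted_dir):
    """Check whether a bare-name lookup can resolve outside trusted_dir.

    Returns (resolved_path, shadowed, writable_before). writable_before lists
    directories searched before trusted_dir that the current user can write
    to, i.e. places where a same-named file would win the lookup.
    """
    resolved = resolve(name, search_dirs)
    trusted = os.path.realpath(trusted_dir)
    shadowed = (resolved is not None
                and os.path.realpath(os.path.dirname(resolved)) != trusted)
    writable_before = []
    for d in search_dirs:
        if os.path.realpath(d) == trusted:
            break
        if os.path.isdir(d) and os.access(d, os.W_OK):
            writable_before.append(d)
    return resolved, shadowed, writable_before

def demo():
    """Constructed layout: a user-writable directory searched before the trusted one."""
    root = tempfile.mkdtemp()
    work = os.path.join(root, "UserWritable")  # assumed name: a directory users can write to
    system = os.path.join(root, "System32")    # assumed name: stands in for the trusted location
    for d in (work, system):
        os.mkdir(d)
    open(os.path.join(system, "powershell.exe"), "w").close()
    order = [work, system]
    before = audit("powershell.exe", order, system)
    # Empty placeholder file: what a scan sees once a same-named file sits earlier in the order.
    open(os.path.join(work, "powershell.exe"), "w").close()
    after = audit("powershell.exe", order, system)
    return before, after

if __name__ == "__main__":
    for label, result in zip(("clean", "shadowed"), demo()):
        print(label, result)
```

A non-empty `writable_before` list is the finding to act on even when nothing is shadowed yet; invoking the interpreter by its fully qualified path removes the search altogether.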