Author: Admin

September 6, 2024Ravi LakshmananWordPress Security / Webinar Cybersecurity researchers have discovered another critical security flaw in the LiteSpeed ​​Cache plugin for WordPress that could allow unauthenticated users to take control of arbitrary accounts. The vulnerability, identified as CVE-2024-44000 (CVSS score: 7.5), affects versions up to and including 6.4.1. This was resolved in version 6.5.0.1. “The plug-in suffers from an unauthenticated account hijacking vulnerability that allows any unauthenticated visitor to gain authentication access to any logged-in user, and in the worst case, gain access to the administrator role, allowing malicious plug-ins to be downloaded and installed” , — Rafi, Patchstack researcher.…


September 6, 2024Ravi LakshmananPrivacy / Data Security Telegram CEO Pavel Durau has broken his silence nearly two weeks after his arrest in France, saying the allegations are false. Durov: “If a country is dissatisfied with an Internet service, the accepted practice is to sue the service itself.” said in a 600-word statement on his Telegram account. “Using pre-smartphone-era laws to charge a CEO with crimes committed by third parties on a platform he controls is the wrong approach.” He was a fool is charged late last month for facilitating various forms of criminal activity on Telegram, including drug trafficking and…


September 6, 2024Ravi LakshmananCyber ​​Security / Vulnerability A new security flaw has appeared addressed in the Apache OFBiz open source enterprise resource planning (ERP) system, which, if successfully exploited, could lead to unauthenticated remote code execution on Linux and Windows. A high severity vulnerability tracked as CVE-2024-45195 (CVSS score: 7.5), affects all software versions until 12/18/16. “An attacker without valid credentials exploits missing browser authorization checks in a web application to execute arbitrary code on the server,” Ryan Emmons, Rapid7 Security Researcher. said in a new report. It should be noted that CVE-2024-45195 is a workaround for a sequence of…


September 5, 2024Ravi LakshmananThreat Prevention / Software Security Veeam has sent security updates to address a total of 18 security flaws affecting its software products, including five critical vulnerabilities that could lead to remote code execution. The list of disadvantages is given below – CVE-2024-40711 (CVSS score: 9.8) – Vulnerability in Veeam Backup & Replication that allows unauthenticated remote code execution. CVE-2024-42024 (CVSS score: 9.1) – Vulnerability in Veeam ONE that could allow an attacker with agent service account credentials to perform remote code execution on the host machine CVE-2024-42019 (CVSS score: 9.0) – Vulnerability in Veeam ONE that allows…


September 5, 2024Ravi LakshmananMalware / Human rights Unnamed government entities in the Middle East and Malaysia are being targeted by an ongoing cyber campaign from June 2023 by an attacker known as Tropic Trooper. “The detection of this group (tactics, methods and procedures) in critical government structures in the Middle East, especially those involved in the study of human rights, represents a new strategic move for them,” – Sherif Magdi, Kaspersky security researcher. said. A Russian cybersecurity vendor said it detected activity in June 2024 after discovering a new version of the China Chopper web shell, a tool used by…


The US Department of Justice announced on Wednesday the seizure of 32 Internet domains used in a pro-Russian propaganda operation called Double as part of a broad set of activities. Accusing a Russian government-run foreign influence criminal enterprise of violating US money laundering and criminal trademark laws, the agency accused the companies Social Design Agency (SDA), Structura National Technology (Structura) and ANO Dialog of working at the behest of the Russian Presidential Administration. The goal, it said, consists of “the covert dissemination of Russian government propaganda to reduce international support for Ukraine, strengthen pro-Russian policies and interests, and influence voters…


September 5, 2024Hacker newsThreat detection / vulnerability management It’s been ten years since the National Institute of Standards and Technology (NIST) unveiled its Cyber ​​Security Framework (CSF) 1.0. Created by a 2013 executive order, NIST was tasked with developing a voluntary cybersecurity framework to help organizations manage cyber risks by providing guidance based on established standards and best practices. While this version was originally tailored for mission-critical infrastructure, the 2018 version 1.1 was designed for any organization committed to managing cybersecurity risks. CSF is a valuable tool for organizations looking to assess and improve their security. The framework helps security…


September 5, 2024Ravi LakshmananCyber ​​threats / malware According to new findings from Cisco Talos, threat actors are likely using a tool designed for red teaming exercises to serve up malware. The program under consideration is a payload generation structure named MacroPackwhich is used to create Office documents, Visual Basic scripts, Windows shortcuts, and other formats for penetration testing and social engineering assessments. It was developed by French developer Emerick Nassy. The cybersecurity firm said it discovered artifacts uploaded to VirusTotal from China, Pakistan, Russia, and the United States that were created by MacroPack and used to deliver various payloads such…


September 5, 2024Ravi LakshmananCyber ​​attack / malware A Chinese-language threat actor known as Earth Lusca has been spotted using a new backdoor called KTLVdoor as part of a cyber attack targeting an unnamed trading company in China. The previously unreported malware is written in the Golang language and is therefore a cross-platform weapon capable of targeting both Microsoft Windows and Linux systems. “KTLVdoor is a highly obfuscated malware that masquerades as various system utilities, allowing attackers to perform a variety of tasks including file manipulation, command execution, and remote port scanning,” Trend Micro researchers Cedric Pernet and Jaromir Khareisi said…


September 5, 2024Ravi Lakshmanan Cisco has released security updates for two critical security vulnerabilities affecting the Smart Licensing Utility that could allow unauthenticated remote attackers to elevate their privileges or gain access to sensitive information. A brief description of the two vulnerabilities is given below − CVE-2024-20439 (CVSS Score: 9.8) – Undocumented static user credentials for the administrator account that an attacker could use to log into a compromised system CVE-2024-20440 (CVSS Score: 9.8) – An excessively verbose debug log file vulnerability could be used by an attacker to access such files via a crafted HTTP request and obtain exploitable…
