Critical Flaw Found in WordPress Plugin for WooCommerce Used by 30,000 Websites

Critical Flaw Found in WordPress Plugin for WooCommerce Used by 30,000 Websites,

A critical security flaw has been disclosed in the WordPress « Abandoned Cart Lite for WooCommerce » plugin that’s installed on more than 30,000 websites.
« This vulnerability makes it possible for an attacker to gain access to the accounts of users who have abandoned their carts, who are typically customers but can extend to other high-level users when the right conditions are met, » Defiant’s

,

A critical security flaw has been disclosed in the WordPress « Abandoned Cart Lite for WooCommerce » plugin that’s installed on more than 30,000 websites.
« This vulnerability makes it possible for an attacker to gain access to the accounts of users who have abandoned their carts, who are typically customers but can extend to other high-level users when the right conditions are met, » Defiant’s

, ,
https://thehackernews.com/2023/06/critical-flaw-found-in-wordpress-plugin.html

Zero-Day Alert: Apple Releases Patches for Actively Exploited Flaws in iOS, macOS, and Safari

Zero-Day Alert: Apple Releases Patches for Actively Exploited Flaws in iOS, macOS, and Safari,

Apple on Wednesday released a slew of updates for iOS, iPadOS, macOS, watchOS, and Safari browser to address a set of flaws it said were actively exploited in the wild.
This includes a pair of zero-days that have been weaponized in a mobile surveillance campaign called Operation Triangulation that has been active since 2019. The exact threat actor behind the campaign is not known.

,

Apple on Wednesday released a slew of updates for iOS, iPadOS, macOS, watchOS, and Safari browser to address a set of flaws it said were actively exploited in the wild.
This includes a pair of zero-days that have been weaponized in a mobile surveillance campaign called Operation Triangulation that has been active since 2019. The exact threat actor behind the campaign is not known.

, ,
https://thehackernews.com/2023/06/zero-day-alert-apple-releases-patches.html

ScarCruft Hackers Exploit Ably Service for Stealthy Wiretapping Attacks

ScarCruft Hackers Exploit Ably Service for Stealthy Wiretapping Attacks,

The North Korean threat actor known as ScarCruft has been observed using an information-stealing malware with previous undocumented wiretapping features as well as a backdoor developed using Golang that exploits the Ably real-time messaging service.
« The threat actor sent their commands through the Golang backdoor that is using the Ably service, » the AhnLab Security Emergency response Center (

,

The North Korean threat actor known as ScarCruft has been observed using an information-stealing malware with previous undocumented wiretapping features as well as a backdoor developed using Golang that exploits the Ably real-time messaging service.
« The threat actor sent their commands through the Golang backdoor that is using the Ably service, » the AhnLab Security Emergency response Center (

, ,
https://thehackernews.com/2023/06/scarcruft-hackers-exploit-ably-service.html

New Report Exposes Operation Triangulation’s Spyware Implant Targeting iOS Devices

New Report Exposes Operation Triangulation’s Spyware Implant Targeting iOS Devices

,

More details have emerged about the spyware implant that’s delivered to iOS devices as part of a campaign called Operation Triangulation.
Kaspersky, which discovered the operation after becoming one of the targets at the start of the year, said the malware has a lifespan of 30 days, after which it gets automatically uninstalled unless the time period is extended by the attackers.
The Russian

,

More details have emerged about the spyware implant that’s delivered to iOS devices as part of a campaign called Operation Triangulation.
Kaspersky, which discovered the operation after becoming one of the targets at the start of the year, said the malware has a lifespan of 30 days, after which it gets automatically uninstalled unless the time period is extended by the attackers.
The Russian

, ,
https://thehackernews.com/2023/06/new-report-exposes-operation.html

Startup Security Tactics: Friction Surveys

Startup Security Tactics: Friction Surveys,

When we do quarterly planning, my team categorizes our goals within four evergreen outcomes:

Reduce the risk of information security incidents
Increase trust in Vanta’s information security program
Reduce the friction caused by information security controls
Use security expertise to support the business

In this article, I’m going to focus on number three: reducing friction.
Declaring your

,

When we do quarterly planning, my team categorizes our goals within four evergreen outcomes:

Reduce the risk of information security incidents
Increase trust in Vanta’s information security program
Reduce the friction caused by information security controls
Use security expertise to support the business

In this article, I’m going to focus on number three: reducing friction.
Declaring your

, ,
https://thehackernews.com/2023/06/startup-security-tactics-friction.html

Critical ‘nOAuth’ Flaw in Microsoft Azure AD Enabled Complete Account Takeover

Critical ‘nOAuth’ Flaw in Microsoft Azure AD Enabled Complete Account Takeover

,

A security shortcoming in Microsoft Azure Active Directory (AD) Open Authorization (OAuth) process could have been exploited to achieve full account takeover, researchers said.
California-based identity and access management service Descope, which discovered and reported the issue in April 2023, dubbed it nOAuth.
« nOAuth is an authentication implementation flaw that can affect Microsoft Azure AD

,

A security shortcoming in Microsoft Azure Active Directory (AD) Open Authorization (OAuth) process could have been exploited to achieve full account takeover, researchers said.
California-based identity and access management service Descope, which discovered and reported the issue in April 2023, dubbed it nOAuth.
« nOAuth is an authentication implementation flaw that can affect Microsoft Azure AD

, ,
https://thehackernews.com/2023/06/critical-noauth-flaw-in-microsoft-azure.html

Chinese Hacker Group ‘Flea’ Targets American Ministries with Graphican Backdoor

Chinese Hacker Group ‘Flea’ Targets American Ministries with Graphican Backdoor

,

Foreign affairs ministries in the Americas have been targeted by a Chinese state-sponsored actor named Flea as part of a recent campaign that spanned from late 2022 to early 2023.
The cyber attacks, per Broadcom’s Symantec, involved a new backdoor codenamed Graphican. Some of the other targets included a government finance department and a corporation that markets products in the Americas as

,

Foreign affairs ministries in the Americas have been targeted by a Chinese state-sponsored actor named Flea as part of a recent campaign that spanned from late 2022 to early 2023.
The cyber attacks, per Broadcom’s Symantec, involved a new backdoor codenamed Graphican. Some of the other targets included a government finance department and a corporation that markets products in the Americas as

, ,
https://thehackernews.com/2023/06/chinese-hacker-group-flea-targets.html

New Condi Malware Hijacking TP-Link Wi-Fi Routers for DDoS Botnet Attacks

New Condi Malware Hijacking TP-Link Wi-Fi Routers for DDoS Botnet Attacks,

A new malware called Condi has been observed exploiting a security vulnerability in TP-Link Archer AX21 (AX1800) Wi-Fi routers to rope the devices into a distributed denial-of-service (DDoS) botnet.
Fortinet FortiGuard Labs said the campaign has ramped up since the end of May 2023. Condi is the work of a threat actor who goes by the online alias zxcr9999 on Telegram and runs a Telegram channel

,

A new malware called Condi has been observed exploiting a security vulnerability in TP-Link Archer AX21 (AX1800) Wi-Fi routers to rope the devices into a distributed denial-of-service (DDoS) botnet.
Fortinet FortiGuard Labs said the campaign has ramped up since the end of May 2023. Condi is the work of a threat actor who goes by the online alias zxcr9999 on Telegram and runs a Telegram channel

, ,
https://thehackernews.com/2023/06/new-condi-malware-hijacking-tp-link-wi.html

Alert! Hackers Exploiting Critical Vulnerability in VMware’s Aria Operations Networks

Alert! Hackers Exploiting Critical Vulnerability in VMware’s Aria Operations Networks

,

VMware has flagged that a recently patched critical command injection vulnerability in Aria Operations for Networks (formerly vRealize Network Insight) has come under active exploitation in the wild.
The flaw, tracked as CVE-2023-20887, could allow a malicious actor with network access to the product to perform a command injection attack, resulting in remote code execution.
It impacts VMware

,

VMware has flagged that a recently patched critical command injection vulnerability in Aria Operations for Networks (formerly vRealize Network Insight) has come under active exploitation in the wild.
The flaw, tracked as CVE-2023-20887, could allow a malicious actor with network access to the product to perform a command injection attack, resulting in remote code execution.
It impacts VMware

, ,
https://thehackernews.com/2023/06/alert-hackers-exploiting-critical.html

Researchers Expose New Severe Flaws in Wago and Schneider Electric OT Products

Researchers Expose New Severe Flaws in Wago and Schneider Electric OT Products,

Three security vulnerabilities have been disclosed in operational technology (OT) products from Wago and Schneider Electric.
The flaws, per Forescout, are part of a broader set of shortcomings collectively called OT:ICEFALL, which now comprises a total of 61 issues spanning 13 different vendors.
« OT:ICEFALL demonstrates the need for tighter scrutiny of, and improvements to, processes related to

,

Three security vulnerabilities have been disclosed in operational technology (OT) products from Wago and Schneider Electric.
The flaws, per Forescout, are part of a broader set of shortcomings collectively called OT:ICEFALL, which now comprises a total of 61 issues spanning 13 different vendors.
« OT:ICEFALL demonstrates the need for tighter scrutiny of, and improvements to, processes related to

, ,
https://thehackernews.com/2023/06/researchers-expose-new-severe-flaws-in.html