
Welcome to TheCyberThrone cybersecurity week in review, covering the important security happenings. This review is for the week ending Saturday, December 16, 2023.
Critical WordPress Plugin affects 90K Sites – CVE-2023-6553
Researchers have identified a critical vulnerability in a popular plugin that has exposed thousands of websites to potential takeover. This vulnerability, tracked as CVE-2023-6553 with a CVSS score of 9.8, impacts the Backup Migration plugin used by over 90,000 websites.
This critical flaw impacts all versions of Backup Migration up to 1.3.6. It allows unauthenticated attackers to inject PHP code and execute arbitrary commands on the server, essentially giving them complete control of your website.
CozyBear exploiting JetBrains flaw – CVE-2023-42793
The Russian CozyBear group is infiltrating JetBrains TeamCity servers using a critical vulnerability that enables authorization bypass and arbitrary code execution, government officials warn.
The threat actors have been exploiting the bug, tracked as CVE-2023-42793, since September. A patch was made available on Sept. 18 in TeamCity version 2023.05.4. The critical vulnerability enables unauthenticated attackers to gain administrator access to TeamCity servers and achieve remote code execution without the need for user interaction.
Microsoft Patch Tuesday – December 2023
Microsoft patched 34 CVEs in its December 2023 Patch Tuesday release, including a zero-day fix for AMD, with four rated critical and 29 rated important. This does not include 8 Microsoft Edge flaws fixed on December 7th. A separate advisory from AMD is available with more information on the vulnerability.
While eight remote code execution bugs were fixed, Microsoft only rated three as critical. In total, there were four critical vulnerabilities, with one in Power Platform (Spoofing), two in Internet Connection Sharing (RCE), and one in Windows MSHTML Platform (RCE).
Kraft Heinz unfazed by cyber attack; Snatch claims responsibility
Kraft Heinz Co. is investigating a cyberattack that resulted in the alleged theft of data by a ransomware group. This came to light after the Snatch ransomware gang named Kraft Foods as a ransomware victim on their dark web leak site on Dec. 14. The gang claimed that the attack took place in August, with the details only being revealed now.
Kraft Heinz, in a statement, said that it was investigating whether a cyberattack on a decommissioned marketing website is related to Snatch’s claims but noted that they had not experienced any issues on their corporate network.
Sophos Released Hotfixes for CVE-2022-3236
A critical vulnerability in the Sophos Firewall User Portal and Webadmin allows hackers to execute malicious code remotely. The vulnerability, tracked as CVE-2022-3236 with a CVSS score of 9.8, enables attackers to inject harmful code into the software, which, if exploited, can result in a complete takeover of the system and data theft.
Sophos said that “vulnerable devices are running end-of-life (EOL) firmware. We immediately developed a patch for certain EOL firmware versions, which was automatically applied to the 99% of affected organizations that have ‘accept hotfix’ turned on.”
This brings us to the end of this week's security coverage. Thanks for visiting TheCyberThrone.