Security News > 2023 > July

Smells like Russian cyber spies (again) A vulnerability in Zimbra's software is being exploited right now by miscreants to compromise systems and attack selected government organizations, experts reckon.…

Hackers are conducting widespread exploitation of a critical WooCommerce Payments plugin to gain the privileges of any users, including administrators, on vulnerable WordPress installation. WooCommerce Payments is a very popular WordPress plugin allowing websites to accept credit and debit cards as payment in WooCommerce stores.

Over the weekend Chinese president Xi Jinping gave a directive to officials to build a Beijing-supervised "Security barrier" around its internet. According to state-sponsored media republished by the government, Xi said it was "Essential to uphold the Party's leadership over the internet sector."

The U.S. Cybersecurity and Infrastructure Security Agency has shared a factsheet providing details on free tools and guidance for securing digital assets after switching to the cloud from on-premises environments. The highlighted tools complement the built-in tools provided by cloud service providers and help reinforce the resilience of network infrastructures, strengthen security measures, promptly identify malicious compromises, meticulously map potential threat vectors, and effectively pinpoint malicious activity in the aftermath of a breach.

How snapshots - point-in-time copies of data - can improve data security. Here are a few ways to use snapshots to enhance data security.

Hackers are actively exploiting two ColdFusion vulnerabilities to bypass authentication and remotely execute commands to install webshells on vulnerable servers. The active exploitation was seen by researchers at Rapid7, which says threat actors are chaining together exploits for an access control bypass vulnerability and what appears to be CVE-2023-38203, a critical remote code execution vulnerability.

Adobe warns that a critical ColdFusion pre-authentication remote code execution vulnerability tracked as CVE-2023-29300 is actively exploited in attacks. CVE-2023-29300 is rated as critical with a 9.8 severity rating, as it can be used by unauthenticated visitors to remotely execute commands on vulnerable Coldfusion 2018, 2021, and 2023 servers in low-complexity attacks.

Adobe warns that a critical ColdFusion pre-authentication remote code execution vulnerability tracked as CVE-2023-29300 is actively exploited in attacks.CVE-2023-29300 is rated as critical with a 9.8 severity rating, as it can be used by unauthenticated visitors to remotely execute commands on vulnerable Coldfusion 2018, 2021, and 2023 servers in low-complexity attacks.

The Spanish National Police has apprehended a Ukrainian national wanted internationally for his involvement in a scareware operation spanning from 2006 to 2011. "The operation has been carried out by investigators from the General Information Police Station in coordination with the Provincial Information Brigades of Tenerife and Barcelona and with the El Prat Airport Police Station," a Spanish National Police press release published on Saturday reads.

28-year-old Ashley Liles, a former IT employee, has been sentenced to over three years in prison for attempting to blackmail his employer during a ransomware attack. Liles, an IT security analyst at an Oxford-based company, exploited his position to intercept a ransomware payment following an attack suffered by his employer.