Security News

Patches have been issued to contain a "Severe" security vulnerability in UpdraftPlus, a WordPress plugin with over three million installations, that can be weaponized to download the site's private data using an account on the vulnerable sites. "All versions of UpdraftPlus from March 2019 onwards have contained a vulnerability caused by a missing permissions-level check, allowing untrusted users access to backups," the maintainers of the plugin said in an advisory published this week.

Adobe on Thursday updated its advisory for an actively exploited zero-day affecting Adobe Commerce and Magento Open Source to patch a newly discovered flaw that could be weaponized to achieve arbitrary code execution. "We have discovered additional security protections necessary for CVE-2022-24086 and have released an update to address them," the company said in a revised bulletin.

Adobe has put out a warning about another critical security bug affecting its Magento/Adobe Commerce product - and IT pros need to install a second patch after an initial update earlier this week failed to fully plug the first one. It's tracked as ​​CVE-2022-24087 and - like the earlier vuln, CVE-2022-24086 - impacts both Magento Open Source and Adobe Commerce.

Another zero-day bug has been discovered in the Magento Open Source and Adobe Commerce platforms, while researchers have created a working proof-of-concept exploit for the recently patched CVE-2022-24086 vulnerability that came under active attack and forced Adobe to push out an emergency patch last weekend. The new flaw, detailed on Thursday, has the same level of severity assigned to its predecessor, which Adobe patched on Feb. 13.

When tested, 28% of businesses had critical vulnerabilities - vulnerabilities that could be immediately exploited by cyber attacks. A quarter of businesses neglected to fix those critical vulnerabilities, even though penetration testing had highlighted them to the business after a retest was completed.

Security researchers have created exploit code for CVE-2022-24086, the critical vulnerability affecting Adobe Commerce and Magento Open Source that Adobe that patched in an out-of-band update last Sunday. The vulnerability, which Adobe saw being "Exploited in the wild in very limited attacks," received a severity score of 9.8 out of 10 and adversaries exploiting it can achieve remote code execution on affected systems without the need to authenticate.

VMware has issued a critical security update to address issues in its ESXi, Fusion and Workstation products, including VMware Cloud Foundation versions. VMware noted that patching VMware ESXi, Fusion and Workstation is the fastest method to resolve the issues, but organizations could also remove USB controllers from their VMs as a workaround.

Technical details have been disclosed regarding a number of security vulnerabilities affecting Moxa's MXview web-based network management system, some of which could be chained by an unauthenticated adversary to achieve remote code execution on unpatched servers. The five security weaknesses "Could allow a remote, unauthenticated attacker to execute code on the hosting machine with the highest privileges available: NT AUTHORITYSYSTEM," Claroty security researcher Noam Moshe said in a report published this week.

The San Francisco 49ers were recently kneecapped by a BlackByte ransomware attack that temporarily discombobulated the NFL team's corporate IT network on the Big Buffalo Wing-Snarfing Day itself: Superbowl Sunday. Joseph Carson, chief security scientist and advisory CISO at provider of privileged access management solutions provider Delinea, suggested to Threatpost that it's likely that an affiliate hacked the 49ers, as opposed to the authors behind the ransomware, given that BlackByte is an RaaS. BlackByte recently posted some files purportedly stolen from the team on a dark web site in a file marked "2020 Invoices." The gang hasn't made its ransom demands public.

Adobe on Sunday rolled out patches to contain a critical security vulnerability impacting its Commerce and Magento Open Source products that it said is being actively exploited in the wild. The California-headquartered company also pointed out that the vulnerability is only exploitable by an attacker with administrative privileges.