Security News

Page Builder by SiteOrigin, a WordPress plugin with a million active installs that's used to build websites via a drag-and-drop function, harbors two flaws that can allow full site takeover. "If the user is in the live editor, the siteorigin panels live editor parameter will be set to 'true' and register that a user is accessing the live editor. The plugin will then attempt to include the live editor file which renders all of the content."

Today we're going to dive into how COVID-19 is driving an increase in account takeover as well as providing some suggestions on how to combat it. Before we get too into the weeds, let's just quickly level set on a definition of account takeover or ATO. Account takeover is when a legitimate customer's account is accessed through illicit means for the purpose of committing fraud.

Microsoft has quickly fixed a flaw in its Teams videoconferencing and collaboration program that could have allowed attackers to launch a wormlike attack on multiple accounts by sending one victim a malicious GIF image. If an attacker can somehow force a user to visit the sub-domains that have been taken over, the victim's browser will send this cookie to the attacker's server and the attacker can create a skype token.

Three different connected home hubs - Fibaro Home Center Lite, Homematic Central Control Unit and Elko's eLAN-RF-003 - are vulnerable in their older versions to serious bugs that would allow information disclosure, man-in-the-middle attacks and unauthenticated remote code execution, according to researchers. Home hubs are used to connect a range of smart devices.

The TA505 cybercrime group has ramped up its attacks lately, with a set of campaigns bent on spreading the persistent SDBbot remote-access trojan laterally throughout an entire corporate environment, researchers said. SDBbot RAT is a custom job that has been observed in TA505 attacks since at least September 2019; it offers remote-access capabilities and has a few spyware aspects, including the ability to exfiltrate data from the victimized devices and networks.

We'll refer to this one as a Fourthytuesday instead, now that Firefox has reduced its update wavelength to four weeks to get important-but-not-zero-day-critical fixes out just that bit more frequently. If your automatic update hasn't happened yet, a manual check will let you "jump the queue" and get the update a bit sooner.

A vulnerability in the Point-to-Point Protocol Daemon software, which comes installed on many Linux-based and Unix-like operating systems and networking devices, can be exploited by unauthenticated attackers to achieve code execution on - and takeover of - a targeted system. Pppd is a daemon that is used to manage PPP session establishment and session termination between two nodes on Unix-like operating systems.

The CNAME points to a subdomain on a hosting service like Azure, which allows users to create websites using subdomains of. No verification, no alert to Microsoft that one of their old subdomains has been taken over, and no easy way for enterprise security systems to detect that this apparently legit domain is anything but.

SAN FRANCISCO - Researchers have discovered several high-severity vulnerabilities in a connected vacuum cleaner. The security holes could give remote attackers the capability to launch an array of attacks - from a denial of service attack that renders the vacuum unusable, to viewing private home footage through the vacuum's embedded camera.

Online music platform SoundCloud, which can be thought of as an audio-based YouTube for music creators, has addressed several security bugs in its APIs that could lead to denial-of-service or account takeover via credential-stuffing. According to researcher Paulo Silva of Checkmarx Security Research, three different groups of security vulnerabilities were found in the platform: An authentication issue which could lead to account takeover; a rate-limiting bug that could lead to DoS; and an improper input validation.