Hackerzhome

Cybersecurity news all over the world

HACKERZHOME NEWS

May 15, 2023

Monday

After a PoC exploit is published, hackers target a WordPress plugin flaw.

A proof-of-concept (PoC) exploit for a vulnerability in the WordPress Advanced Custom Fields plugin was made public around 24 hours ago, and hackers are already actively exploiting it.

The affected WordPress sites are vulnerable to CVE-2023-30777, a high-severity reflected cross-site scripting (XSS) bug that enables unauthenticated attackers to steal sensitive information and escalate their privileges.

Website security firm Patchstack discovered the bug on May 2, 2023. The disclosure and a proof-of-concept exploit were published on May 5th, one day after the plugin vendor had released a security update in version 6.1.6.

As it revealed yesterday, the Akamai Security Intelligence Group (SIG) has observed substantial scanning and exploitation activity since May 6th, 2023, using the sample code supplied in Patchstack’s write-up.

According to statistics from wordpress.org, over 1.4 million websites using the plugin are still running an older, vulnerable version, giving attackers a huge attack surface to work with.

Exploiting the XSS weakness requires a signed-in user with access to the plugin: the malicious code runs in that user's browser, and that is what grants the attackers high-privileged access to the website.


Brave releases its new "Forgetful Browsing" anti-tracking feature

The new “Forgetful Browsing” feature in the privacy-focused Brave browser stops websites from re-identifying you on subsequent visits. For the websites you designate, it deletes local storage and cache data, in addition to cookies, when you close the page.

This both logs visitors out of the site immediately and prevents the site from re-identifying them when they return later.

According to Brave Software’s release, when the option is enabled, Brave deletes the site’s first-party storage a few seconds after there are no active tabs left for the site.

Forgetful Browsing clears both explicitly stored values (such as cookies, localStorage, or IndexedDB) and indirectly stored values (such as the HTTP cache or DNS cache).

Browser developers have largely set first-party tracking aside in their privacy protections, because users deliberately choose which websites to visit and so naturally have more control over, and a clearer awareness of, where their data is going.

While first-party cookies are necessary for a good web experience, such as logging in to a site and keeping track of what you have read, letting a website continually re-identify its users still raises several concerns.


Capita advises customers to assume their data has been stolen.

Business process outsourcing company Capita is warning customers to assume that their data was stolen in the attack that hit its networks in early April.

More than six weeks after the attack was made public, Capita advised the Universities Superannuation Scheme (USS), the largest private pension plan in the UK, to respond to the incident on the assumption that its members' data had been taken.

USS invests £82.2 billion (more than $102 billion) on behalf of the more than 500,000 members of UK universities and higher education institutions (and their families) whose pensions it administers.

According to Capita, the hackers gained access to systems holding the personal data of some 470,000 active, deferred, and retired members, including names, dates of birth, National Insurance numbers, and USS member numbers.

While Capita initially described the incident as a technical issue, the company eventually revealed that a weekend-long outage had been caused by a cyberattack.

Flaws in Netgear routers expose users to malware, remote attacks, and surveillance.

As many as five security flaws have been found in Netgear RAX30 routers which, when chained together, could allow remote code execution and authentication bypass.

According to a report by Claroty security researcher Uri Katz, successful exploitation could give attackers access to network traffic, let them hijack internet connections, and redirect traffic to malicious websites or implant malware.

A network-adjacent threat actor could also use the flaws to reach networked smart devices such as security cameras, thermostats, and smart locks, or to launch attacks against other networks or devices from the compromised network.

The vulnerabilities, presented at the Pwn2Own hacking competition held in Toronto in December 2022, are CVE-2023-27357 (CVSS score: 6.5), CVE-2023-27368 (CVSS score: 8.8), CVE-2023-27369 (CVSS score: 8.8), CVE-2023-27370 (CVSS score: 5.7), and CVE-2023-27367 (CVSS score: 8.0).

The industrial cybersecurity company’s proof-of-concept (PoC) exploit chain shows how the vulnerabilities can be strung together (in the order CVE-2023-27357, CVE-2023-27369, CVE-2023-27368, CVE-2023-27370, and CVE-2023-27367) to extract the device’s serial number and ultimately gain root access to it.

Ex-Ubiquiti Employee Gets 6 Years in Prison in $2 Million Crypto Extortion Case

A former Ubiquiti employee has been sentenced to six years in prison after pleading guilty to posing as an anonymous hacker and whistleblower in an attempt to extort more than $2 million worth of cryptocurrency from the firm while working there.

Nickolas Sharp, 37, was detained in December 2021 for using his insider access as a senior developer to collect confidential data and then sending the network technology vendor an anonymous email demanding 50 bitcoin (worth $2 million at the time) in return for the stolen information.

Ubiquiti refused to pay the ransom and instead notified law enforcement, which later identified Sharp as the hacker by tracing a VPN connection to a Surfshark account he had bought with his PayPal account.

The Oregon-based defendant also falsely claimed to know nothing of the extortion plot, and altered log retention policies and other files to conceal his unauthorized use of the company’s network.

Sharp, who worked at Ubiquiti from August 2018 to late March 2021, pleaded guilty earlier this month to spreading false information that the company had been hacked by an anonymous attacker who had gained administrator access to its AWS accounts.
