CVE-2020-27615: SQL Injection Vulnerability in WordPress Loginizer Plugin Affected Over One Million Sites

In a rare move, the WordPress Security Team forced a plugin update to over one million sites to address a vulnerability in a popular WordPress plugin used for brute force protection.

Background: On October 21, the developers of Loginizer, a popular WordPress plugin that offers protection against brute force attacks, published a blog post about a recent update to their plugin that addresses a severe …

CVE-2020-5135: Critical SonicWall VPN Portal Stack-based Buffer Overflow Vulnerability

Researchers disclose a critical pre-authentication vulnerability in the SonicWall VPN Portal that is easily exploitable.

Background: On October 12, SonicWall published a security advisory (SNWLID-2020-0010) to address a critical vulnerability in SonicOS that could lead to remote code execution (RCE). The vulnerability was discovered by security researchers at Tripwire’s Vulnerability and Exposure …

CVE-2020-1472: Advanced Persistent Threat Actors Use Zerologon Vulnerability In Exploit Chain with Unpatched Vulnerabilities

U.S. Government agencies issue joint cybersecurity advisory cautioning that advanced threat groups are chaining vulnerabilities together to gain entry into government networks and elevate privileges.

Background: On October 9, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) published a joint cybersecurity advisory. The advisory, identified as …

CVE-2020-6925, CVE-2020-6926, CVE-2020-6927: Multiple Vulnerabilities in HP Device Manager

Vulnerabilities in HP Device Manager could be chained to achieve unauthenticated remote command execution.

Background: On September 25, HP published a security bulletin to address multiple vulnerabilities in HP Device Manager, software that’s used to remotely manage HP Thin Clients. The vulnerabilities were disclosed to HP by security researcher Nick Bloor. As part of a Twitter thread, Bloor warned …

US Cybersecurity Agency CISA Alert: Foreign Threat Actors Continue to Target Unpatched Vulnerabilities

CISA warns that foreign threat actors from China and Iran are routinely targeting unpatched vulnerabilities across government agencies and U.S.-based networks.

Background: On September 14 and September 15, the Cybersecurity and Infrastructure Security Agency (CISA) published two separate alerts detailing malicious activity from foreign threat actors: AA20-258A: Chinese Ministry of State …

CVE-2020-2040: Critical Buffer Overflow Vulnerability in PAN-OS Devices Disclosed

PAN-OS devices that have enabled the captive portal or multi-factor authentication features are vulnerable to a critical buffer overflow flaw.

Background: On September 9, Palo Alto Networks (PAN) published nine security advisories for a series of vulnerabilities affecting PAN-OS, a custom operating system (OS) found in PAN’s next-generation firewalls. Of the nine security advisories, only one is …

TikTok Ad Scams: Insufficient Moderation Leaves ‘For You’ Page Filled with Dubious Apps, Products and Services

TikTok’s popular “#ForYou” page has become a habitat for scammers peddling fake mobile applications, diet pills, drop-shipped goods, fake gift cards and more. The fate of TikTok’s operations in the U.S., Australia and New Zealand has been a topic of international interest for the past several weeks. Tech giant Microsoft and retail giant Walmart are weighing a joint bid to acquire the businesses …

Critical Vulnerability in File Manager WordPress Plugin Exploited in the Wild

Attackers have begun to target a vulnerability in a popular WordPress plugin with over 700,000 active installations, attempting to inject malicious code.

Background: On September 1, researchers at Wordfence published a blog post about a critical vulnerability in File Manager, a popular WordPress Plugin used to manage files on WordPress sites. According to statistics from wordpress.org, the plugin …

Zero-Day Remote Code Execution Vulnerability in vBulletin Disclosed

Researcher identifies a zero-day vulnerability that bypasses a fix for CVE-2019-16759, a previously disclosed remote code execution vulnerability in vBulletin. Attacks have already been observed in the wild.

Background: On August 9, vulnerability researcher Amir Etemadieh published details about a zero-day remote code execution (RCE) vulnerability in vBulletin, a popular forum software used by …

CVE-2020-3452: Cisco Adaptive Security Appliance and Firepower Threat Defense Path Traversal Vulnerability

After Cisco disclosed a serious vulnerability in its Adaptive Security Appliance and Firepower Threat Defense, one of the security researchers credited with its discovery released proof of concept code for the flaw.

Background: On July 22, Cisco published an advisory for a highly rated vulnerability in its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software used by the ASA …