Critical Bug in WordPress Theme Plugin Opens 200,000 Sites to Hackers

A popular WordPress theme plugin with over 200,000 active installations contains a severe but easy-to-exploit software vulnerability that, if left unpatched, could let unauthenticated remote attackers compromise a wide range of websites and blogs.

The vulnerable plugin is 'ThemeGrill Demo Importer', which ships with the free and premium themes sold by the software development company ThemeGrill.

ThemeGrill Demo Importer lets WordPress site admins import demo content, widgets, and settings from ThemeGrill so they can customize a theme quickly.

According to a report that the security company WebARX shared with The Hacker News, once a ThemeGrill theme is installed and activated, the plugin runs certain functions with administrative privileges without first checking whether the requester is authenticated, let alone an administrator.

The flaw could let an unauthenticated remote attacker reset a targeted site's entire database to its freshly installed state; after the reset the attacker is automatically logged in as an administrator and has complete control of the site.
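The practical follow-up to an advisory like this is to find which of your WordPress installs still run the plugin at a version older than the first fixed release. The script below is an added example, not code from the article, WebARX or ThemeGrill. It assumes WP-CLI (`wp`) is installed and on PATH, that each site's WordPress root is passed as a path, and that the plugin slug and fixed version are taken from the advisory you are acting on; the sample CSV, its slugs and its version numbers are constructed for the offline check.

```shell
#!/bin/sh
# Added example (not from the article, WebARX or ThemeGrill): find WordPress
# installs that still run a plugin older than the first fixed release.
# Assumes WP-CLI ("wp") is installed and on PATH; slug and fixed version are
# parameters supplied from the advisory you are acting on.

# version_lt A B: succeed (exit 0) when dotted version A is older than B.
# Components are compared numerically, so 1.10.0 is newer than 1.9.9.
version_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, "[.]"); nb = split(b, y, "[.]")
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            p = (i <= na) ? x[i] + 0 : 0
            q = (i <= nb) ? y[i] + 0 : 0
            if (p < q) exit 0
            if (p > q) exit 1
        }
        exit 1   # equal versions are not "less than"
    }'
}

# Live query: active plugins on the WordPress install rooted at $1, as
# name,version CSV (header row included, as WP-CLI prints it).
active_plugins_csv() {
    wp plugin list --path="$1" --status=active --fields=name,version --format=csv
}

# Given name,version CSV on stdin, print "name version" for each row whose
# plugin slug is $1 and whose installed version is older than $2.
match_vulnerable() {
    slug="$1"; fixed="$2"
    tail -n +2 | while IFS=, read -r name version _; do
        [ "$name" = "$slug" ] || continue
        if version_lt "$version" "$fixed"; then
            printf '%s %s\n' "$name" "$version"
        fi
    done
}

# Update one plugin by slug on the install rooted at $1.
update_plugin() {
    wp plugin update --path="$1" "$2"
}

# Constructed sample of `wp plugin list --fields=name,version --format=csv`
# output for offline use; the slugs and versions are made up.
SAMPLE_CSV='name,version
example-importer,2.4.0
example-seo,3.1.0'

# Offline demonstration: an install of example-importer older than the
# (hypothetical) fixed release 2.4.1 is flagged.
printf '%s\n' "$SAMPLE_CSV" | match_vulnerable example-importer 2.4.1
```

Per site, run `active_plugins_csv /path/to/wordpress | match_vulnerable <slug> <fixed-version>`; any line printed is an install to bring current with `update_plugin`. Versions are compared component by component as numbers, so 1.10.0 correctly sorts after 1.9.9, which a plain string comparison gets wrong.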


OpenSSH now supports FIDO U2F security keys for 2-factor authentication

Here is good news for sysadmins: you can now use a physical security key as hardware-based two-factor authentication when logging into a remote system over SSH.

OpenSSH, the most widely used open-source implementation of the Secure Shell (SSH) protocol, yesterday released version 8.2, which brings two significant security changes.

First, OpenSSH 8.2 adds support for FIDO/U2F hardware authenticators. Second, it deprecates the 'ssh-rsa' public key signature algorithm, which depends on SHA-1, and plans to disable it by default in a future release. RSA keys themselves continue to work through the rsa-sha2-256 and rsa-sha2-512 signature schemes that current OpenSSH versions already support, so the change affects the signature algorithm negotiated, not existing RSA keys; only peers that can negotiate nothing but 'ssh-rsa' will eventually be cut off.

FIDO (Fast Identity Online) hardware authenticators make a stronger second factor than passwords or one-time codes: the private key is generated on the token and never leaves it, and each authentication requires a physical touch, which blunts malware, phishing and man-in-the-middle attacks that rely on capturing a reusable credential.

“In OpenSSH, FIDO devices are supported by new public key types 'ecdsa-sk' and 'ed25519-sk', along with corresponding certificate types,” the OpenSSH 8.2 release note says.
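The release note names the new key types; the shell snippet below, an added example that is not OpenSSH project code or part of the article, checks whether a local OpenSSH build advertises them and shows the ssh-keygen invocation that enrolls a token. It assumes OpenSSH 8.2 or later on both the client and the server you will log into, a FIDO token attached when `enroll_sk_key` runs, and uses a constructed copy of `ssh -Q key` output for the offline check.

```shell
#!/bin/sh
# Added example (not OpenSSH project code): check for and enroll FIDO/U2F
# hardware-backed SSH keys with OpenSSH 8.2+. Assumes a token is attached
# when enroll_sk_key runs; the ssh/ssh-keygen options are the real 8.2 ones.

# Filter `ssh -Q key` output (on stdin) down to the security-key algorithms
# introduced in 8.2. No output means the build is older than 8.2 or was
# compiled without FIDO support.
sk_algs_from_list() {
    grep -E '^sk-(ecdsa-sha2-nistp256|ssh-ed25519)(-cert-v01)?@openssh\.com$' || true
}

# Live check of the local client: exit 0 if it supports sk keys.
local_sk_support() {
    command -v ssh >/dev/null 2>&1 || { echo "ssh not on PATH" >&2; return 2; }
    ssh -Q key | sk_algs_from_list | grep -q .
}

# Enroll a hardware-backed key. ecdsa-sk works with any U2F or FIDO2 token;
# ed25519-sk needs a FIDO2 token. The private key file only holds a handle:
# the secret never leaves the token, and each signature needs a touch.
enroll_sk_key() {
    type="${1:-ecdsa-sk}"          # or ed25519-sk
    ssh-keygen -t "$type" -f "$HOME/.ssh/id_${type}" -C "$(hostname)-sk"
    # Then install "$HOME/.ssh/id_${type}.pub" in authorized_keys on a server
    # that also runs OpenSSH 8.2 or later; an older sshd rejects the key type.
}

# Constructed `ssh -Q key` output from an 8.2 build and from an older one,
# for checking sk_algs_from_list offline.
SAMPLE_8_2='ssh-ed25519
ssh-ed25519-cert-v01@openssh.com
sk-ssh-ed25519@openssh.com
sk-ssh-ed25519-cert-v01@openssh.com
ssh-rsa
rsa-sha2-256
rsa-sha2-512
ecdsa-sha2-nistp256
sk-ecdsa-sha2-nistp256@openssh.com
sk-ecdsa-sha2-nistp256-cert-v01@openssh.com'

SAMPLE_OLD='ssh-ed25519
ssh-rsa
ecdsa-sha2-nistp256'

# Offline demonstration: the 8.2 list yields four sk entries, the old list none.
printf '%s\n' "$SAMPLE_8_2" | sk_algs_from_list
```

Run `local_sk_support && enroll_sk_key ecdsa-sk` on the client, then copy the `.pub` file to the server's authorized_keys. Because the server must understand the same key type, check `ssh -Q key` on the server side too before rolling the token out to an account whose password login you intend to disable.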


A Dozen Vulnerabilities Affect Millions of Bluetooth LE Powered Devices

A team of cybersecurity researchers late last week disclosed the existence of 12 potentially severe security vulnerabilities, collectively named ‘SweynTooth,’ affecting millions of Bluetooth-enabled wireless smart devices worldwide—and worryingly, a few of which haven’t yet been patched.

All of the SweynTooth flaws lie in how the Bluetooth Low Energy (BLE) stacks shipped in the software development kits (SDKs) of several system-on-a-chip (SoC) vendors implement the protocol; those SoCs power at least 480 distinct products from vendors including Samsung, Fitbit and Xiaomi.

According to the researchers, an attacker within radio range of a vulnerable device can abuse the flaws over the air to trigger deadlocks and crashes and, in some cases, to bypass security checks, gaining read or write access to device functions that should be available only to an authorized user. Because the bugs sit in the SoC vendors' BLE stacks, a fix from the SoC vendor reaches end users only once each product maker ships firmware rebuilt on the patched SDK, which is why some products remain exposed after the SDK fixes are out.

“As of today, SweynTooth vulnerabilities are found in the BLE SDKs sold by major SoC vendors, such as Texas Instruments, NXP, Cypress, Dialog Semiconductors, Microchip, STMicroelectronics and Telink Semiconductor,” the researchers from the Singapore University of Technology and Design said.


U.S. Charges 4 Chinese Military Hackers Over Equifax Data Breach

The United States Department of Justice today announced charges against 4 Chinese military hackers who were allegedly behind the Equifax data breach that exposed the personal and financial data of nearly 150 million Americans.

In a joint press conference held today with Attorney General William Barr and FBI Deputy Director David Bowdich, DoJ officials described the state-sponsored campaign as the largest hacking case of its type ever uncovered.

The four accused, Wu Zhiyong (吴志勇), Wang Qian (王乾), Xu Ke (许可) and Liu Lei (刘磊), have also been indicted for their involvement in hacking and stealing trade secrets, intellectual property and confidential information from several other U.S. businesses in recent years.

In September 2017, credit reporting agency Equifax disclosed it had become a victim of a massive cyberattack that left highly sensitive data of nearly half of the U.S. population in the hands of hackers.

As The Hacker News reported earlier, the hackers compromised Equifax's servers through a critical vulnerability in the Apache Struts web framework that the company had failed to patch in time, even though a fixed version of the software was already available.


Adobe Releases Patches for Dozens of Critical Flaws in 5 Software

Here comes the second ‘Patch Tuesday’ of this year.

Adobe today released the latest security updates for five of its widely used software that patch a total of 42 newly discovered vulnerabilities, 35 of which are critical in severity.

The first four of the five affected products, listed below, each contain at least one critical arbitrary code execution vulnerability that could let attackers take full control of a vulnerable system.

  • Adobe FrameMaker
  • Adobe Acrobat and Reader
  • Adobe Flash Player
  • Adobe Digital Editions
  • Adobe Experience Manager

In brief, Adobe FrameMaker for Windows, an advanced document processing application, contains 21 flaws, all of them critical: buffer errors, heap overflows, memory corruption, and out-of-bounds writes, each of which can lead to code execution.

Adobe Acrobat and Reader for Windows and macOS also contain 12 similar critical code execution vulnerabilities, along with 3 other important information disclosure and a moderate memory leak issue.

Meanwhile, the latest update for Adobe Flash Player, a piece of software with one of the worst security records of all time, patches yet another critical arbitrary code execution flaw that, if exploited, could let attackers compromise Windows, macOS, Linux, and Chrome OS systems. Since Adobe has already announced Flash's end of life for the end of 2020, removing it wherever it is no longer needed is a better long-term fix than patching it.

Adobe has also patched a critical arbitrary code execution flaw and an important information disclosure issue in Digital Editions, Adobe's e-book reader.

Finally, Adobe Experience Manager, a content management platform for building websites, mobile apps, and forms, has no critical flaw this time but receives a fix for an important denial-of-service (DoS) issue that affects only versions 6.4 and 6.5.

Although none of the vulnerabilities fixed this month was publicly disclosed or seen exploited in the wild, The Hacker News still strongly recommends that readers download and install the latest versions of the affected software.

If your system has not yet detected the availability of the new update automatically, you should manually install the update by choosing “Help → Check for Updates” in your Adobe software for Windows, macOS, Linux, and Chrome OS.

Besides this, you are also advised to follow some basic system security practices, such as:

  • Run all software with the least required privileges,
  • Avoid downloading or handling files from untrusted or unknown sources,
  • Avoid sites of untrusted or suspicious integrity,
  • Block external access at the network level to all critical systems unless specific access is required.
