CISA Warns of Actively Exploited Adobe Acrobat Reader Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a high-severity flaw in Adobe Acrobat Reader to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
Tracked as CVE-2023-21608 (CVSS score: 7.8), the vulnerability has been described as a use-after-free bug that can be exploited to achieve remote code execution (RCE) with the

https://thehackernews.com/2023/10/us-cyb...ns-of.html

Over 17,000 WordPress Sites Compromised by Balada Injector in September 2023

More than 17,000 WordPress websites have been compromised in the month of September 2023 with a malware known as Balada Injector, nearly twice the number of detections in August.
Of these, 9,000 of the websites are said to have been infiltrated using a recently disclosed security flaw in the tagDiv Composer plugin (CVE-2023-3169, CVSS score: 6.1) that could be exploited by unauthenticated users

https://thehackernews.com/2023/10/over-1...mised.html

Two High-Risk Security Flaws Discovered in Curl Library - New Patches Released

Patches have been released for two security flaws impacting the Curl data transfer library, the most severe of which could potentially result in code execution.
The list of vulnerabilities is as follows -

CVE-2023-38545 (CVSS score: 7.5) - SOCKS5 heap-based buffer overflow vulnerability
CVE-2023-38546 (CVSS score: 5.0) - Cookie injection with none file

CVE-2023-38545 is the more severe of the

https://thehackernews.com/2023/10/two-hi...vered.html

Researchers Uncover Ongoing Attacks Targeting Asian Governments and Telecom Giants

High-profile government and telecom entities in Asia have been targeted as part of an ongoing campaign since 2021 that's designed to deploy basic backdoors and loaders for delivering next-stage malware.
Cybersecurity company Check Point is tracking the activity under the name Stayin' Alive. Targets include organizations located in Vietnam, Uzbekistan, Pakistan, and Kazakhstan.
"The simplistic

https://thehackernews.com/2023/10/resear...going.html

Researchers Uncover Malware Posing as WordPress Caching Plugin

Cybersecurity researchers have shed light on a new sophisticated strain of malware that masquerades a WordPress plugin to stealthily create administrator accounts and remotely control a compromised site.
"Complete with a professional looking opening comment implying it is a caching plugin, this rogue code contains numerous functions, adds filters to prevent itself from being included in the list

https://thehackernews.com/2023/10/resear...ng-as.html

One-Click 'Gnome' Exploit Is a Supply Chain Risk for Linux OSes

An overlooked library contains a vulnerability that could enable full remote takeover simply by clicking a link.

https://www.darkreading.com/vulnerabilit...linux-oses

Securely Moving Financial Services to the Cloud

Financial services organizations migrating applications to the cloud need to think about cloud governance, applying appropriate policies and oversight, and compliance and regulatory requirements.

https://www.darkreading.com/google-cloud...-the-cloud

Reassessing the Impacts of Risk Management With NIST Framework 2.0

The latest NIST Cybersecurity Framework draft highlights four major themes that organizations should pay attention to for managing risk.

https://www.darkreading.com/risk/reasses...h-nist-2-0

Data Thieves Test-Drive Unique Certificate Abuse Tactic

An SEO poisoning campaign is spreading the RecordBreaker/Raccoon Stealer and LummaC2 infostealers by attempting to confound software certificate checks.

https://www.darkreading.com/endpoint/dat...cate-abuse

Magecart Campaign Hijacks 404 Pages to Steal Data

The novel technique helps hide the cybercriminal campaign's efforts to steal credit card information from visitors to major websites, and it represents an evolution for Magecart.

https://www.darkreading.com/cloud/mageca...steal-data