#web

A list of topics we covered in the week of December 18 to December 24 of 2023

Concrete CMS 9 before 9.2.3 is vulnerable to Cross Site Request Forgery (CSRF) via `/ccm/system/dialogs/logs/delete_all/submit`. An attacker can force an admin user to delete server report logs on a web application to which they are currently authenticated.

The threat actor referred to as Cloud Atlas has been linked to a set of spear-phishing attacks on Russian enterprises. Targets included a Russian agro-industrial enterprise and a state-owned research company, according to a report from F.A.C.C.T., a standalone cybersecurity company formed after Group-IB's formal exit from Russia earlier this year. Cloud Atlas, active since at

By Owais Sultan In the current high-tech age, consumer data is a business’s most important asset as they progressively shifts towards… This is a post from HackRead.com Read the original post: Adobe Real-Time CDP: Personalized Customer Experience

Two British teens part of the LAPSUS$ cyber crime and extortion gang have been sentenced for their roles in orchestrating a string of high-profile attacks against a number of companies. Arion Kurtaj, an 18-year-old from Oxford, has been sentenced to an indefinite hospital order due to his intent to get back to cybercrime "as soon as possible," BBC reported. Kurtaj, who is autistic, was

By Deeba Ahmed Corrected sentence: "Anti-scam solutions provider Scam Sniffer and cybersecurity firm Check Point Research (CPR) have warned of increasing attacks aimed at your crypto funds through malicious ads." This is a post from HackRead.com Read the original post: Hackers Stole $59 Million of Crypto Via Malicious Google and X Ads

### Issue Snowflake recently received a report about a vulnerability in the Snowflake Connector .NET where the checks against the Certificate Revocation List (CRL) were not performed where the insecureMode flag was set to false, which is the default setting. The vulnerability affects versions between 2.0.25 and 2.1.4 (inclusive). Snowflake fixed the issue in [version 2.1.5](https://docs.snowflake.com/release-notes/clients-drivers/dotnet-2023#version-2-1-5-december-18-2023). ### Attack Scenario Snowflake uses CRL to check if a TLS certificate has been revoked before its expiration date. The lack of correct validation of revoked certificates could, in theory, allow an attacker who has both access to the private key of a correctly issued Snowflake certificate and the ability to intercept network traffic to perform a Man-in-the-Middle (MitM) attack in order to compromise Snowflake credentials used by the driver. The vulnerability is difficult to exploit given both conditions required and...

Threat hunters have discovered a rogue WordPress plugin that's capable of creating bogus administrator users and injecting malicious JavaScript code to steal credit card information. The skimming activity is part of a Magecart campaign targeting e-commerce websites, according to Sucuri. "As with many other malicious or fake WordPress plugins it contains some deceptive information at

This Metasploit module exploits an unauthenticated remote code execution vulnerability in Craft CMS versions 4.0.0-RC1 through 4.4.14.

Hospital Management System versions 4.0 and below suffer from cross site scripting, remote shell upload, and remote SQL injection vulnerabilities.