Weekly Threat Briefing: APT Group, Linux Malware, Ransomware and More

The various threat intelligence stories in this iteration of the Weekly Threat Briefing discuss the following topics: APT, Bugs, Exploit, Healthcare Attacks, Naikon, and Vulnerabilities. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your logs for potential malicious activity.

Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.


Trending Cyber News and Threat Intelligence


Bugs in Two Related WordPress Plugins Together Risked Over 1 Million Websites


(published: May 10, 2020)


The Wordfence security team has identified two critical-severity WordPress plugin vulnerabilities that could impact over a million WordPress websites. The two plugins affected are Elementor Pro and Ultimate Addons for Elementor, and the researchers have observed active exploitation of the vulnerabilities. Exploiting the Elementor Pro plugin allows for remote code execution attacks, granting a malicious actor the ability to gain full administrative access to WordPress if the site has open user registration. Websites with the “open user registration” option disabled can be exploited using the Ultimate Addons for Elementor registration bypass vulnerability. Developers behind both plugins have patched the flaws in Elementor Pro version 2.9.4 and Ultimate Addons for Elementor version 1.24.2.

Recommendation: Users of these WordPress plugins should ensure they are using Elementor Pro version 2.9.4 and Ultimate Addons for Elementor version 1.24.2 or newer, which include fixes for the vulnerabilities. All website owners, especially those using WordPress, should keep their installations and plugins up to date so that patches are installed as soon as they are available.

Tags: Vulnerabilities, WordPress, Plugin, Registration bypass, Remote code execution
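One way to run the version check from the recommendation across a wp-content/plugins directory, as an added example that is not part of the original briefing or either vendor's code. It assumes each plugin's "Plugin Name" header matches the name used in this briefing; the sample tree, its directory names and its installed versions are constructed for the demonstration.

```python
import re
import tempfile
from pathlib import Path

# Fixed versions as stated in the briefing, keyed by the "Plugin Name" header (assumed to match).
FIXED = {
    "Elementor Pro": "2.9.4",
    "Ultimate Addons for Elementor": "1.24.2",
}
HEADER = re.compile(r"^[ \t/*#@]*(Plugin Name|Version):\s*(.+?)\s*$", re.M | re.I)

def version_key(v):
    """Turn '2.9.4' into (2, 9, 4); anything after a '-' (e.g. '-beta1') is ignored."""
    return tuple(int(n) for n in re.findall(r"\d+", v.split("-")[0]))

def read_header(php_file):
    """Return the 'plugin name' and 'version' fields from a plugin file's header comment."""
    text = php_file.read_text(errors="replace")[:8192]  # WordPress only scans the first 8 KB
    fields = {}
    for key, value in HEADER.findall(text):
        fields.setdefault(key.lower(), value)  # first occurrence wins
    return fields

def audit(plugins_dir):
    """Return (name, installed, fixed, patched) for each affected plugin found."""
    results = []
    for php_file in sorted(Path(plugins_dir).glob("*/*.php")):
        h = read_header(php_file)
        name, installed = h.get("plugin name"), h.get("version")
        if name in FIXED and installed:
            patched = version_key(installed) >= version_key(FIXED[name])
            results.append((name, installed, FIXED[name], patched))
    return results

def build_sample(root):
    """Constructed sample tree; directory names and installed versions are made up."""
    for slug, name, ver in [("plugin-a", "Elementor Pro", "2.9.3"),
                            ("plugin-b", "Ultimate Addons for Elementor", "1.24.2"),
                            ("plugin-c", "Some Other Plugin", "0.1")]:
        d = Path(root) / slug
        d.mkdir(parents=True)
        (d / f"{slug}.php").write_text(
            f"<?php\n/**\n * Plugin Name: {name}\n * Version: {ver}\n */\n")
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for name, installed, fixed, ok in audit(build_sample(tmp)):
            print(f"{name}: {installed} (fixed in {fixed}) -> {'OK' if ok else 'UPDATE'}")
```

To check a real site, call audit() with the path to its plugins directory; any row with patched set to False needs updating.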

