A Trojan SDK snuck past Google Play protections to infest 101 Android applications, bent on exfiltrating infected device data. Read More
Related Posts
![New Hampshire House passes new AI election rules. Review panel states that Microsoft could have stopped Chinese email hack.](https://thecyberwire.com/images/pages/caveat-briefing.jpg?#)
New Hampshire House passes new AI election rules. Review panel states that Microsoft could have stopped Chinese email hack.
New Hampshire House passes new AI election rules. Review panel states that Microsoft could have stopped Chinese email hack.
New Hampshire House passes new AI election rules. Review panel states that Microsoft could have stopped Chinese email hack. Read More
The CyberWire
Critical Microsoft Outlook Zero-Click RCE Flaw Executes as Email is Opened
Critical Microsoft Outlook Zero-Click RCE Flaw Executes as Email is Opened
A critical zero-click remote code execution (RCE) vulnerability has been discovered in Microsoft Outlook.
This vulnerability, designated as CVE-2024-30103, enables attackers to run arbitrary code by sending a specially designed email. When the recipient opens the email, the exploit is triggered.
The vulnerability, CVE-2024-30103, is particularly alarming due to its zero-click nature. Unlike traditional phishing attacks that require user interaction, this flaw can be exploited without any action from the user.
Opening the malicious email alone is enough to compromise the system, making it a powerful weapon for cybercriminals and greatly reducing the barriers to successful exploitation.
With ANYRUN You can Analyze any URL, Files & Email for Malicious Activity : Start your Analysis
According to Morphisec’s detailed analysis, the vulnerability lies in the way Microsoft Outlook processes certain email components.
When a specially crafted email is opened, it triggers a buffer overflow, allowing the attacker to execute arbitrary code with the same privileges as the user running Outlook. This can lead to a full system compromise, data theft, or further propagation of malware within a network.
Impact and Mitigation
Given the widespread use of Microsoft Outlook in corporate and personal environments, CVE-2024-30103’s potential impact is vast. Organizations are particularly at risk, as a successful exploit could lead to significant data breaches, financial loss, and reputational damage.
Microsoft has acknowledged the vulnerability and released a security patch to address the issue. Users and administrators are strongly advised to apply the latest updates to mitigate the risk. Additionally, robust email filtering and monitoring solutions can help detect and block malicious emails before they reach end-users.
Cybersecurity experts have emphasized the critical nature of this vulnerability. “Zero-click vulnerabilities are particularly dangerous because they require no user interaction, making them highly effective for attackers,” said a spokesperson from Morphisec. “Organizations must prioritize patching and adopt a multi-layered security approach to protect against such sophisticated threats.”
As of the latest updates, no known attacks are in the wild exploiting the Microsoft Outlook vulnerability CVE-2024-30103.
Looking for Full Data Breach Protection? Try Cynet’s All-in-One Cybersecurity Platform for MSPs: Try Free Demo
The post Critical Microsoft Outlook Zero-Click RCE Flaw Executes as Email is Opened appeared first on Cyber Security News.
Yoast SEO Plugin XSS Flaw Exposes 5 Million+ WordPress Websites to Attack
Yoast SEO Plugin XSS Flaw Exposes 5 Million+ WordPress Websites to Attack
[[{“value”:”
A critical cross-site scripting (XSS) vulnerability has been discovered in the popular Yoast SEO WordPress plugin, potentially putting over 5 million websites at risk of compromise.
The flaw was found by security researcher Bassem Essam and reported via the Wordfence Bug Bounty Program.
The reflected XSS vulnerability exists in all Yoast SEO versions up to 22.5 due to insufficient input sanitization and output escaping.
Document
Integrate ANY.RUN in Your Company for Effective Malware Analysis
Are you from SOC, Threat Research, or DFIR departments? If so, you can join an online community of 400,000 independent security researchers:
Real-time Detection
Interactive Malware Analysis
Easy to Learn by New Security Team members
Get detailed reports with maximum data
Set Up Virtual Machine in Linux & all Windows OS Versions
Interact with Malware Safely
If you want to test all these features now with completely free access to the sandbox:
It allows unauthenticated attackers to inject malicious scripts into WordPress pages via the plugin’s URL parameters. When an administrator visits the crafted URL, the injected scripts execute in their browser session.
Successful exploitation could enable attackers to create rogue admin accounts, inject backdoors into theme and plugin files, redirect visitors to malicious sites, and gain complete control over the vulnerable WordPress site, reads the advisory.
The attack requires tricking an administrator into clicking a malicious link. Yoast has released a patched version, 22.6, to address the security hole.
All websites using Yoast SEO are urged to update immediately. According to WordPress.org, the plugin is active on over 5 million WordPress installations.
On-Demand Webinar to Secure the Top 3 SME Attack Vectors: Watch for Free.
Web security company Wordfence has added firewall rules to protect its users against any exploit attempts targeting this flaw.
They awarded Bassem Essam a $563 bug bounty for reporting the vulnerability.
“This vulnerability requires users to click on a link to be successful, and is a reminder for site administrators and users to follow security best practices and avoid clicking on links from untrusted sources,” said Ram Gall, QA Engineer at Defiant, the company behind Wordfence.
Yoast SEO is the most popular WordPress plugin for search engine optimization, making this a particularly impactful vulnerability.
Website owners who use the plugin should update to version 22.6 or later as soon as possible.
Administrators are also advised to review their sites for any signs of suspicious activity.
The incident underscores the importance of keeping WordPress plugins updated and the key role bug bounty programs play in responsibly disclosing vulnerabilities.
More details on the flaw and a timeline of its discovery and patching are available on the Wordfence blog.
Is Your Network Under Attack? – Read CISO’s Guide to Avoiding the Next Breach – Download Free Guide
The post Yoast SEO Plugin XSS Flaw Exposes 5 Million+ WordPress Websites to Attack appeared first on Cyber Security News.
“}]] Read More
Cyber Security News