
Cyware Daily Threat Intelligence, December 26, 2022


Welcome to the last week of the year! While you could be excited to do some giveaways via gift cards, we want to warn you that the card may have been compromised. Researchers have found a working exploit against a critical flaw in YITH WooCommerce Gift Cards Premium, a WordPress plugin, currently in use by over 50,000 devices. In other news, security researchers uncovered the highest CVSS-scoring Linux kernel vulnerability. The bug may lead to arbitrary code execution in the context of the kernel.

Moving on, a cybercriminal in the underground marketplace claimed to have stolen the personal details of billions of users. The adversary allegedly has the data of several personalities.

Top Breaches Reported in the Last 24 Hours


Huge claim on Twitter user data
A threat actor on a hacker forum purportedly pilfered the personal details, including email IDs and phone numbers, of 400 million Twitter users. In a forum post, the hacker also urged Twitter CEO Elon Musk to make a deal with him to buy the data. The database may have data pertaining to three dozen personalities, including Ethereum cryptocurrency founder Vitalik Buterin.

Public Cincinnati college suffers breach
Cincinnati State Technical Community College revealed that it fell victim to a cyberattack stemming from unauthorized access to its network in the first week of November. Hackers managed to obtain a variety of data, such as SSNs, license information, and health insurance and financial account information.

$8 million stolen from BitKeep
Blockchain security and analytics firm PeckShield estimated that hackers may have drained over $8 million in different crypto assets from the wallets of BitKeep users. Users reported unsolicited transactions on Twitter. The firm confirmed on its Telegram channel that some bogus APK downloads mostly led to the situation.

Top Malware Reported in the Last 24 Hours


GuLoader’s anti-analysis technique
CrowdStrike laid bare a new technique used by the Visual Basic Script-based malware downloader GuLoader to stay under the radar. In a three-stage process, the payload is designed to drop a next-stage loader from a remote server. The malware performs anti-analysis checks and anti-debugging tricks at every step before injecting embedded shellcode into memory.

Top Vulnerabilities Reported in the Last 24 Hours


WordPress bug risks 50k sites
A critical vulnerability affects the WordPress plugin YITH WooCommerce Gift Cards, which has over 50,000 installations worldwide. The bug, tracked as CVE-2022-45359, is being actively abused by threat actors. An unauthenticated attacker can upload files to vulnerable sites and completely take over a compromised site.

Linux flaw CVSS 10.0
A critical Linux kernel bug was spotted exposing ksmbd-enabled SMB servers to potential attack. The bug has a CVSS score of 10 and can be exploited by an unauthenticated, remote actor to execute arbitrary code on vulnerable devices. The flaw resides in the processing of SMB2_TREE_DISCONNECT commands.


Posted on: December 26, 2022

