{"id":12104,"date":"2022-12-30T04:08:43","date_gmt":"2022-12-30T11:08:43","guid":{"rendered":"https:\/\/webdev.securin.xyz\/?p=12104"},"modified":"2023-04-19T04:01:38","modified_gmt":"2023-04-19T11:01:38","slug":"securins-threat-intelligence-december-26-2022-december-30-2022","status":"publish","type":"post","link":"https:\/\/10.42.32.162\/articles\/securins-threat-intelligence-december-26-2022-december-30-2022\/","title":{"rendered":"Securin’s Threat Intelligence – Dec 26, 2022 – Dec 30, 2022"},"content":{"rendered":"\t\t
\n\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t

This edition brings you early warnings, trending news about cyber threats, and the accurate threat context. Check out which threat group is on the rampage, what vulnerability it could soon weaponize, and more.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t

Why play catch up when you can fix this now?<\/h4>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
<\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t

Trending Threats<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t

Attackers are Actively Exploiting a WordPress Vulnerability<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t

CVE-2022-45359 is a vulnerability in YITH WooCommerce Gift Cards Premium, a WordPress plugin. When exploited it can allow unauthenticated attackers to upload files to vulnerable sites, including web shells that provide full access to the site. Attackers are currently uploading backdoors on the sites, obtaining remote code execution, and performing takeover attacks. The YITH WooCommerce plugin is used in more than 50,000 websites and many of its customers could be impacted by this attack campaign.<\/p>

WordPress has already released a security update<\/a> in the plugin version 3.21.0. All WordPress customers are advised to update to this version at the earliest.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t

CISA Adds Old TIBCO Vulnerabilities to the KEV<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t

On 29 Dec 2022, CISA added CVEs from 2018 that occur in TIBCO Software’s JasperReports product. It is a Java-based reporting and data analytics platform for creating, distributing, and managing reports and dashboards.<\/p>

CVE-2018-18809<\/a> is a directory traversal vulnerability in the JasperReports Library that could permit web server users to access sensitive files on the host. It can also allow an attacker to steal credentials and break into other systems. TIBCO patched<\/a> it in March 2019.<\/p>

CVE-2018-5430<\/a> is an information disclosure bug in the server component that could enable an authenticated user to gain read-only access to arbitrary files, including key configurations. It was fixed<\/a> in April 2018.<\/p>

All Federal agencies in the U.S. are required to patch these vulnerabilities by January 19, 2023.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t\t\t

Follow our weekly Threat Intelligence Series and podcast for proactive alerts on trending threats.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t\t\t\t\t
\n\t\t\t\t\n\t\t\t\t

Leverage our expertise to continuously manage your threats & exposures.<\/h2>\n\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\tWe use our threat intelligence platform driven by Artificial Intelligence (AI) and Machine Learning (ML) models to analyze the vulnerabilities that hackers could potentially exploit. We warn our customers continuously about exposures and prioritize vulnerabilities to facilitate rapid remediation.\t\t\t\t\t<\/div>\n\t\t\t\t\n\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\n\t\t\t\t\t\tLEARN HOW\t\t\t\t\t<\/a>\n\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"

We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting.<\/p>\n","protected":false},"author":1,"featured_media":13471,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"content-type":""},"categories":[80,146],"tags":[89,111,103],"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/posts\/12104"}],"collection":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/comments?post=12104"}],"version-history":[{"count":22,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/posts\/12104\/revisions"}],"predecessor-version":[{"id":17819,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/posts\/12104\/revisions\/17819"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/media\/13471"}],"wp:attachment":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/media?parent=12104"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/categories?post=12104"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/tags?post=12104"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}