Weekly Email Security News Recap #3 [April 2022]
Today, we live in a cyber-world that never remains static. Each second, a new cybercrime takes place somewhere, damaging a big company’s sensitive data or targeting individuals.
This is why EasyDMARC stays up-to-date with the weekly news on email security and cybersecurity.
Check out our latest email security and cybersecurity news recap for reports on malicious code targeting a WordPress website builder plugin, an encryption implementation error that allows fake credentials, and cyberattacks impacting governments and big companies.
An authenticated remote code execution flaw was found in Elementor, a WordPress website builder plugin with over five million active installations.
The flaw was disclosed last week; approximately 37% of users of the plugin are on version 3.6.x. The bug was found in version 3.6.0, released last month.
The flaw allows the website to run malicious code provided by the attacker. The vulnerability might be exploitable by a person not logged into WordPress.
Code execution can happen if someone uploads an arbitrary file to an affected website.
The bug has been addressed in the latest version of Elementor. Left unpatched, however, this exposure could allow an authenticated user to change the site title, the logo, and Elementor’s theme.
And one of the worst scenarios is that a user can upload arbitrary files to the site, regardless of their authorization.
Attackers can easily create fake credentials because of a critical flaw in how the Java JDK handles some encryption techniques.
The cryptographic flaw, now resolved by Oracle, affects Java JDK versions 15 through 18.
On April 19, Oracle distributed a patch as part of its standard quarterly patch set.
Oracle Java and OpenJDK need an update because of problems in their implementation of the widely used Elliptic Curve Digital Signature Algorithm (ECDSA) signatures.
The cause for this issue was a coding error rather than a flaw in the encryption technique.
The issue allows man-in-the-middle attacks by faking specific SSL certificates and handshakes.
Because of the cryptographic error, hackers can steal signed JWTs, SAML claims, WebAuthn authentication messages, and much more.
A security architect at ForgeRock said that it’s hard to determine the bug’s severity.
Attackers can easily bypass any security features if a server runs a Java 15, 16, 17, or 18 release from before the April 2022 Critical Patch Update (CPU).
Another breach came to light over the Easter weekend: a cyberattack was discovered on the data centers of the Unified Government of Wyandotte County and Kansas City.
The Unified Government (UG) is working with the U.S. Department of Homeland Security, the FBI, and the Mid-America Regional Council cybersecurity task force to investigate the attack.
The UG announced it’s still restoring data services.
The Unified Government also said the agencies are working to resolve any compromised data.
The FBI is aware of the attack and has contacted local authorities.
People who want information or updates about which services have been impacted should call 311 or check the UG’s website.
Threat actors never stop their various malicious activities. Therefore, businesses need to understand how crucial it is to develop a future-proof email security and cybersecurity strategy.
You can also check this news from the third week of April by following the links:
- ‘Cyber Security Incident’ After a Flood of Spam Emails
- McDonald’s Alerts Customers of Data Hack
- Newman Regional Health Notifies 52,224 Patients After Breach of Employee Email Accounts
- Impact of Lapsus$ Attack on Okta
- Kansas Hospital Data Breach Unnoticed for Nearly One Year