Important Vulnerability on Advanced Custom Fields Plugin for WordPress

If you run a hosting business, you know how tough security is. It can feel as though attacks become more sophisticated by the day, with bots launching brute-force attacks on login pages, malware sneaking in through outdated plugins and well-made phishing attempts aimed at your customers.

When we launched the Imunify Security WordPress Plugin, our goal was clear: make security visible to site owners by showcasing the protection hosting providers deliver with Imunify360.

After rapidly reaching 50,000 installations, we are excited to share that over 260,000 WordPress websites now have the plugin installed and active.

And now, we're ready for V2.

As database infections become an increasingly popular attack vector, ensuring their protection is more critical than ever. We are thrilled to announce the latest update to our Malware Database Scanner (MDS). Our enhanced MDS now features a more user-friendly interface and improved functionality, making it easier and more efficient to detect and eliminate threats in your databases.

These changes will be included in the following packages: aibolit-32.1.11 and av-7.14.0.

On April 1st, Google will implement a new pricing model that will significantly reduce the free tier usage of reCAPTCHA and introduce new prices for the reCAPTCHA Enterprise service. Although reCAPTCHA offers decent bot protection, it is not without its flaws, yet remains quite effective. However, we at Imunify360 have decided to discontinue its use within our protection suite. This decision stems not solely from the new costs associated with its use, but more importantly, because we have developed our own bot protection technology, SplashScreen, which our recent research has shown to be as effective as Google’s reCAPTCHA.

UPD: WebShield 1.25.0 was first released to Beta on March 26 with included updates DEF-27382 PoC for the Get rid of reCaptcha epic/DEF-27508 Test&merge get rid of reCaptcha to master.
Starting from WebShield the 1.25.0 release, the Imunify360 JS challenge is used for the requests from the IPs that were graylisted.

The recent cyber attack found by Patchstack researcher Rafie Muhammad on the "Advanced Custom Fields" plugin for WordPress is a stark reminder of how vulnerable websites can be to hackers. In this case, over two million users were at risk of cyberattacks due to a vulnerability (a flaw, tracked as CVE-2023-30777) that allowed miscreants to inject malicious code into webpages and potentially hijack administrative accounts.

With Apple’s recent release of a security update for the iPhone, iPad, and Mac, it brings attention to the critical importance of regular software updates. We’re going to explore the significance of staying up-to-date with the latest security patches and highlight the efforts of Imunify360 in enhancing their update process to deliver faster and safer protection for servers.

In December 2022, hackers broke into the FBI’s 80,000-member Infragard database posing as the CEO of a financial institution. InfraGard is an outreach program that keeps public officials and private sector actors informed of national security and cybersecurity threats that could impact critical US infrastructure. 

Once inside the database, the hacker communicated directly with members in an attempt to gain personal information. Although the FBI hasn’t offered specifics on how the hacker was able to manipulate the system, we do know they had some key pieces of personal information for the person they were impersonating.

The recent news about the security incident at GoDaddy is not limited to GoDaddy. The attack is multi-year and affects hundreds of thousands, or even millions, of accounts across multiple hosting providers. The criminals are deploying redirects and other malicious payloads. We at Imunify have observed and combated this widespread issue and have been addressing it through our Imunify360 security solution.

Despite the fact that the festive season already starts in December, this month was busy for the Imunify Security team. Keep on reading to find out more about the latest package updates and some tips on how to stay secure. Stay safe and hopefully 2021 will bring you a lot of joy and pleasant moments!