Cyware Daily Threat Intelligence

Daily Threat Briefing Apr 24, 2018

Top Vulnerabilities Reported in the Last 24 Hours

A second patch for Drupalgeddon2
According to an announcement by the Drupal developers, another patch for Drupalgeddon2 (tracked as CVE-2018-7600) is going to be released on 25th of April, 2018. The patch is for versions 7.x, 8.4.x and 8.5.x of the content management system. At least three different attack groups are exploiting Drupalgeddon2, after it received its first patch in late March.

Flaws fixed in Foxit PDF reader
Over a dozen vulnerabilities have been fixed by Foxit in its PDF reader. The vulnerabilities include an Unsafe DLL Loading security bug, five code execution vulnerabilities, and flaws that could result in remote code execution, in information disclosure, or in application crashes. The vulnerabilities were addressed in Foxit Reader and Foxit PhantomPDF 9.1.

Vulnerable Nintendo Switch
A vulnerability known as Fusee Gelee, in an Nvidia chip used by the Switch, was found to allow hackers to inject code into the system and modify it. Unfortunately, this flaw cannot be fixed with a security patch. Millions of Switches are permanently vulnerable to what amounts to a total jailbreak.

Top Breaches Reported in the Last 24 Hours

MEDantex data breach
Sensitive patient medical records and personal information of thousands of physicians had been leaking online from MEDantex, a Kansas-based medical transcription company. The firm took down its customer Web portal after it was informed of the issue. It's unclear exactly how many patient records were left exposed on MEDantex's site.

TSB customer accounts aren't secure
Around two million UK banking customers are reportedly experiencing issues while trying to use their accounts online. Some users were also able to access other users' funds. The problems occurred after an IT upgrade went wrong. The Financial Conduct Authority (FCA) and the Information Commissioner's Office (ICO) are investigating the incident.

Ukrainian energy website compromised
Ukraine's energy and coal ministry website has been affected by a ransomware attack. Hackers posted a note in English, asking for ransom to be paid in Bitcoin. Ukraine has repeatedly blamed Russia for the attacks, though Moscow has denied any involvement in such attacks.
