Cyware Daily Threat Intelligence

Daily Threat Briefing Aug 2, 2021

Hospitals and medical facilities are at risk of attacks from nine new vulnerabilities discovered in the Nexus Control Panel software. Collectively dubbed PwnedPiper, the flaws can enable attackers to launch remote code execution attacks and gain access to a hospital’s network. The flaws can also be exploited to harvest sensitive data of healthcare workers.

A new sophisticated RAT named FatalRAT has been spotted in the cyberthreat landscape. Distributed via Telegram channels, the malware comes with a wide set of anti-analysis capabilities. Researchers expect to see a rise in the presence of the trojan and its variants in the near future.

Top Breaches Reported in the Last 24 Hours

Faulty platform exposed data

A now-patched security issue in Thailand’s vaccine registration platform had exposed emails and personal details of over 20,000 applicants. The data was found publicly available on the internet.

Top Malware Reported in the Last 24 Hours

New FatalRAT

A new trojan named FatalRAT is being distributed through software or media articles shared on Telegram channels. The malware includes several evasion techniques, as well as capabilities such as logging user keystrokes, collecting system information, and exfiltrating data over the C2 channel.

Decryptor for Prometheus ransomware

Researchers have released a free decryptor for Prometheus ransomware that allows victims to recover their encrypted files. The ransomware, which was first observed this July, uses the Salsa20 algorithm to encrypt victims’ files.

Top Vulnerabilities Reported in the Last 24 Hours

PwnedPiper vulnerability

Nine critical vulnerabilities, collectively called PwnedPiper, were found impacting the Nexus Control Panel that powers all current models of Translogic Pneumatic Tube Systems (PTS). Five of these flaws can be used to launch remote code execution attacks and gain access to a hospital’s network. Researchers claim that over 80% of the major hospitals in the U.S. are impacted by the vulnerabilities.

Top Scams Reported in the Last 24 Hours

Office 365 users targeted

Cybercriminals are spoofing the WeTransfer file-sharing system to target Microsoft Office 365 users with the aim of stealing their credentials. The attack starts with recipients receiving emails titled ‘View Files Sent Via WeTransfer’. These emails include two files which, if opened, lead the victim to a fake Microsoft Excel login page.
