Cyware Daily Threat Intelligence
Daily Threat Briefing • Aug 2, 2022
Organ donation and distribution are critical, and any malicious cyber activity within the system could be a matter of grave medical concern. New research has uncovered security weaknesses in the U.S.-based organ transplant network, known as United Network for Organ Sharing (UNOS), that could risk people's lives. Security gaps were identified in Arris routers as well. Millions of routers are affected by a high-severity path traversal flaw in several router models.
Researchers have dissected the inner workings of a relatively new ransomware threat known as Industrial Spy. The operators behind the not-so-sophisticated ransomware have been adding new victims, which reflects its ability to breach new organizations.
Creos Luxembourg S.A. breached
The BlackCat ransomware group has allegedly targeted the energy firm Creos Luxembourg S.A. that operates as an energy supplier in five EU countries. The stolen files are 150GB in size, as per claims made by the group. The attack, apparently, also impacted the customer portals of Encevo and Creos, throwing them offline. All consumers have been recommended to reset their account credentials.
Twitter API keys leaked
CloudSEK researchers curated a list of 3,207 mobile apps that were found exposing Twitter API keys. Some of these keys could be abused to illegally take over the associated Twitter accounts and perform sensitive actions, such as retweeting or deleting tweets, accessing account settings, and more. Hackers can also create a bot army on Twitter to spread misinformation.
Industrial Spy: A new ransomware threat
Zscaler ThreatLabz has published a report on Industrial Spy, which was first spotted in April 2022, and performed a technical analysis. It found that the group may not always encrypt a victim’s files but it will exfiltrate and sell data on dark web forums by using the ransomware. Notably, the ransomware lacks common features, such as anti-analysis and obfuscation, that are often spotted in modern ransomware families.
Security holes in organ transplant network
The Washington Post has reported security weaknesses in networks of the United Network for Organ Sharing. The non-profit is responsible for running the organ transplant network and prioritizing organ distribution in the U.S. It noted that its system has crashed for a total of 17 days since 1999. Most of its systems operate out of a local data center instead of a cloud computing system. Besides, UNOS has never let any government official see the full code behind the system, which it claims is a trade secret.
Multiple flaws in LinkHub Mesh Wi-Fi system
Cisco Talos laid bare 17 bugs in the LinkHub Mesh Wi-Fi system. It has eight buffer overflow vulnerabilities, two command injection vulnerabilities and information disclosure vulnerabilities, and four denial-of-service vulnerabilities. The exploitation of these flaws could lead to code injection (at the operating system level), credential leak, and even DoS attacks on the entire network.
Path traversal flaw exposes sensitive data
Researchers uncovered three flaws in the Arris firmware that can be found in several router models. The firmware hosts the MIT-licensed muhttpd web server, which is where the flaws, including a path traversal flaw, reside. A third party can abuse the path traversal flaw, tracked as CVE-2022-31793, to access files and directories stored outside the web root folder.
Google addresses three dozen vulnerabilities
Google has fixed 32 vulnerabilities in the recent round of updates for the Android operating system. This includes a critical flaw in the System component that an attacker can abuse for remote code execution. The attack can be carried out via Bluetooth without additional execution privileges.