Cyware Daily Threat Intelligence

Daily Threat Briefing • Aug 10, 2020
Vulnerable Content Management Systems (CMSes) can turn into a virtual goldmine for threat actors looking to execute mass-scale attacks through CMS-powered websites. In a new revelation, researchers have demonstrated that around 20 popular CMSes are impacted by more than 30 vulnerabilities, ranging from remote code execution issues to cross-site scripting. The vulnerable CMSes include Microsoft SharePoint and Atlassian Confluence.
The terror of ransomware attacks also made headlines in the last 24 hours. The ventilator manufacturer Boyce Technologies was attacked by DoppelPaymer ransomware, resulting in the loss of confidential data and a slowdown in production. The attackers have leaked a portion of sales and purchase orders and assignment forms related to the firm to push their ransom demand.
Top Breaches Reported in the Last 24 Hours
Boyce Technologies attacked
The ventilator manufacturer, Boyce Technologies, has been hit by the DoppelPaymer ransomware. The gang has leaked a portion of data stolen from the firm, which includes sales and purchase orders and assignment forms to support its claim. It has further threatened to leak more data in the following week if the firm refuses to pay the ransom.
Top Malware Reported in the Last 24 Hours
FBI warns about attack
The Federal Bureau of Investigation (FBI) has warned about cyberattacks linked with a hacker group known as Fox Kitten. To reach its goal, the group relies on recently disclosed vulnerabilities. So far, it has exploited vulnerabilities in Pulse Secure "Connect" enterprise VPNs, Palo Alto Networks "Global Protect" VPN servers, and Citrix "ADC" servers and Citrix network gateways. Lately, it is targeting vulnerable F5 networks to launch attacks.
Top Vulnerabilities Reported in the Last 24 Hours
Over 30 flaws in 20 CMS
Researchers have identified more than 30 vulnerabilities across 20 popular Content Management Systems (CMSes). The flaws range from remote code execution issues to cross-site scripting (XSS). The affected CMS platforms include the likes of Microsoft SharePoint, Craft CMS, and Atlassian Confluence, among others.
Bypassing scanners
At the DEFCON security conference, a security researcher demonstrated the vulnerabilities in different fingerprint scanners. The vulnerabilities can be abused to bypass biometric authentication, enabling hackers to extract data stored on devices.
Flawed Zoom fixed
The video conferencing app Zoom has addressed several security vulnerabilities that could have allowed threat actors to exfiltrate user data. Two of these flaws affected its Linux client and were fixed with the release of version 5.2.4.