Cyware Daily Threat Intelligence

Daily Threat Briefing Aug 17, 2020

A security lapse by cybercriminals can be a major boon for security experts, and this is what happened in the case of the notorious Emotet trojan. A buffer overflow vulnerability in Emotet, discovered by cybersecurity experts, enabled them to create a kill switch called EmoCrash, which prevented the trojan from infecting users. Though the kill switch was short-lived (alive for 182 days), it helped many susceptible organizations thwart Emotet attacks between February 6 and August 6, 2020.

The past 24 hours also saw major blows from ransomware attackers. The Japanese technology giant, Konica Minolta, and the US spirits and wine giant, Brown-Forman, disclosed that their systems and networks were affected after being hit by ransomware attacks.

Top Breaches Reported in the Last 24 Hours

Konica Minolta breached

A ransomware attack at the Japanese technology giant, Konica Minolta, caused a week-long outage at the firm’s MyKMBS customer portal. Following the attack, the ransomware encrypted internal files and appended the .K0N1M1N0 extension to their filenames.

GCKey service targeted

Thousands of user accounts for online government services in Canada were impacted in a cyberattack that targeted the GCKey service. The incident affected about 5,500 Canada Revenue Agency accounts, following which access to these accounts was suspended to protect taxpayer information.

Jack Daniel's maker attacked

US wine and spirits giant, Brown-Forman, has become the latest brand to suffer a REvil (aka Sodinokibi) ransomware attack. The operators claim to have stolen 1TB of corporate data during the attack and are most likely to release it in batches on their data leak site.

Top Malware Reported in the Last 24 Hours

EmoCrash thwarts Emotet

Researchers have developed a kill-switch named EmoCrash to crash the Emotet trojan during its installation process, thereby effectively preventing users from getting infected. The kill switch was alive for 182 days between February 6, 2020, and August 6, 2020, before the malware authors patched Emotet and closed the buffer overflow vulnerability.

Top Vulnerabilities Reported in the Last 24 Hours

PoC for RCE flaw released

A Proof of Concept (PoC) for a potential remote code execution vulnerability in Apache Struts 2 has popped up on GitHub. The flaw, tracked as CVE-2019-0230, affects versions 2.0.0 to 2.5.20 and could allow an attacker to supply unvalidated input into an attribute used inside of an OGNL expression. The flaw was fixed in version 2.5.22 of Apache Struts.

Top Scams Reported in the Last 24 Hours

Customer card details stolen

The luxury Ritz hotel in London has fallen victim to a sophisticated scam that resulted in the compromise of customers’ payment card details. To do so, the scammers impersonated the hotel staff and asked the customers to confirm their bookings by providing their payment card details.
