Cyware Daily Threat Intelligence

Daily Threat Briefing Aug 17, 2022

Browser bugs are a serious concern for credentials stored in the browser. Google is alerting users to a critical zero-day bug in the Chrome browser for which an exploit is readily available and which hackers are already using. Additionally, the tech giant has addressed 10 more browser bugs. In another update, Kaspersky has identified two malicious PyPI packages impersonating a popular open-source package. Hackers also displayed fake stats for the number of times the packages were installed and the rating they had on GitHub.

Yet another intrusion on Counter-Strike networks. Its skin trading platform CS.MONEY has suffered a major breakdown after hackers pilfered items worth $6 million. Approximately 100 bot accounts were used in the attack.

Top Breaches Reported in the Last 24 Hours

Microsoft employees expose credentials

Several individuals from Microsoft have apparently laid bare their sensitive login credentials on GitHub. The exposed credentials pertained to an official Microsoft tenant ID and concerned Azure servers. Motherboard said that the incident offered a quick way for cybercriminals to hack into internal Microsoft systems.

CS.MONEY robbed of $6 million

CS.MONEY, one of the largest platforms for trading CS:GO skins, was attacked, and the website was pulled down in the wake of the cyberattack. Attackers reportedly stole 20,000 items worth nearly $6 million. The attack originated from 100 controlled bot accounts that carried out thousands of transactions, transferring the items to their own accounts. All the stolen skins that were transferred are now trade-locked.

Top Malware Reported in the Last 24 Hours

A couple of unwanted PyPI packages

Security researchers at Kaspersky uncovered two more malicious PyPI packages parading as one of the most popular open-source packages, named "requests". As per the findings, the code of the infected packages was eerily similar to the authentic code of the "requests" package, except for a file known as exception.py. The malware can steal session cookies, IP addresses, passwords, and more.

Top Vulnerabilities Reported in the Last 24 Hours

Splunk patches multiple bugs

Multiple vulnerabilities in Splunk’s Splunk Enterprise and Universal Forwarder were addressed within its new set of quarterly patches. Among these was a high-severity flaw in TLS certificate validation. Tracked as CVE-2022-37437, the flaw affects connections between Splunk Enterprise and an Ingest Actions Destination that are made through Splunk Web. Other bugs were seen impacting Universal Forwarder as well, along with Splunk Enterprise.

A dozen Google Chrome flaws

Google issued fixes for 11 bugs in the Chrome browser (desktop version). It warned users of a high-severity zero-day flaw that is being actively exploited in the wild and urged them to update their browser. The critical bug, identified as CVE-2022-2856, stems from insufficient validation of untrusted input in Intents. Most of the other bugs are use-after-free vulnerabilities in various components.