Cyware Daily Threat Intelligence

Daily Threat Briefing Dec 9, 2020

Top Breaches Reported in the Last 24 Hours

FireEye hacked

FireEye announced that it was hacked, allegedly by Russian hackers. The firm stated that the attackers had used “novel tools” to evade security tools and forensics. The hackers made off with red team tools that imitate the most sophisticated hacking tools.

Animal Jam breached

Animal Jam, a free-to-play pet simulator, suffered a data breach, resulting in the theft of more than 50 million player records. A database consisting of 900,000 player records, including email addresses and hashed passwords, is being sold on a hacker forum. Another 100,000 records have been leaked as a proof-of-concept sample.

APT28 in action

APT28, a Russian-backed threat group, reportedly brute-forced several Norwegian Parliament email accounts in August. A limited number of email accounts of employees and representatives were stolen, although the nature of the stolen data has not been disclosed.

Fax company database leak

Fax Express, a New Jersey fax company, had more than 500,000 customer emails and passwords leaked on a Russian hacking forum. The database leak originated from cit0day.in leaks, a private service for cybercriminals.

Top Malware Reported in the Last 24 Hours

Phorpiex botnet activity surges

Check Point researchers reported a rise in infections caused by the Phorpiex botnet. Infamous for cryptomining and sextortion spam campaigns, the botnet has been discovered spreading the Avaddon ransomware.

Easy reinstall malware

Sansec researchers discovered malware that is nearly impossible to remove, deployed on various Magento-powered online stores and set to activate automatically on Black Friday. The Magecart actors targeted Magento versions 2.2.3 to 2.2.7 to inject backdoors and credit card stealer scripts.

Top Vulnerabilities Reported in the Last 24 Hours

Bugs in all Kubernetes versions

A medium-severity security bug in Kubernetes, tracked as CVE-2020-8554, can be remotely abused by attackers with basic tenant permissions to conduct low-complexity attacks. The design flaw affects all versions of Kubernetes with multi-tenant clusters. The Kubernetes Product Security Committee has provided advice on how to temporarily block attackers from abusing this bug.

Top Scams Reported in the Last 24 Hours

Stealing Target gift cards

Scammers are luring victims to fake sites to check the balance on their Target gift cards. While some crooks have gone to the extent of making a fake website eerily similar to the legitimate one, others have registered a targetgiftscard[.]com domain.
