Cookie Settings

This website uses cookies and similar technologies to provide essential functionality and improve your experience. Some features, such as demo scheduling and chat support, require marketing cookies to function. By clicking "Accept All", you consent to all cookies. Alternatively, you can customize your preferences, but note that declining marketing cookies will limit certain website features.

Cyware Daily Threat Intelligence

Cyware Daily Threat Intelligence December 11, 2018 - Featured Image

Daily Threat Briefing Dec 6, 2018

Top Breaches Reported in the Last 24 Hours

Humble Bundle breach

The popular online gaming subscription site Humble Bundle suffered a data breach that was caused a bug in the website. The bug allowed hackers access to users' data. The hackers(s) behind the attack combined the flaw with a credential stuffing attack to gain access to sensitive information. The breach did not expose names, passwords, billing data or payment information. However, attackers were able to access the Humble Monthly subscription status of users. Although the data stolen by the attackers was not related to customers' personal information, it could still be used by attackers to launch phishing attacks or scams.

Top Malware Reported in the Last 24 Hours

Zekapab

The Russian cyberespionage group Fancy Bear was spotted distributing the Zekapab (aka Zebrocy) malware, using Brexit themed lures, in a new phishing campaign. The malware was used against US think tanks, government agencies, universities, political organizations, and others. The lure was also used by the hackers in another campaign that targeted NATO members, Central Asian countries and Russia's neighboring nations.

SilverHawk

The Syrian Electronic Army was recently found targeting the Middle East in a new campaign. The hacker group was found delivering SilverHawk - an Android spyware that is designed to create fake updates for communication apps like WhatsApp and Telegram. The group also created MS Word and YouTube fakes filled with the SilverHawk spyware.

Android malware

Numerous malicious voice communication and messaging apps on Google Play have been discovered on Google Play. These messaging platforms leverage modular downloaders to contact C&C servers, obtain payloads, and serve up fake surveys designed to steal user data. The malware exfiltrates data such as names, phone numbers and home addresses.

Related Threat Briefings