Cyware Daily Threat Intelligence

Daily Threat Briefing • Feb 5, 2021
Cerber ransomware seems to have re-emerged as one of the critical cyber threats for healthcare organizations. According to a report, the ransomware, which had disappeared in 2018, was responsible for the largest number of attacks against hospitals in 2020.
The cyber threat landscape keeps evolving, and a new DDoS attack vector has appeared in the form of Plex Media servers. Nearly 27,000 servers exposed to the internet are vulnerable to such attacks. Meanwhile, Google has patched a zero-day heap overflow vulnerability in Chrome that is being actively exploited in the wild.
Top Breaches Reported in the Last 24 Hours
Electric companies suffer attacks
Centrais Eletricas Brasileiras (Eletrobras) and Companhia Paranaense de Energia (Copel), two major electric utility companies in Brazil, have suffered ransomware attacks over the past week. The attacks disrupted operations and forced the companies to suspend some of their systems. In the case of Copel, the attack is the work of the Darkside ransomware gang.
Plex Media servers for DDoS attacks
Researchers have highlighted that Plex Media servers are a new vector for DDoS attacks. Nearly 27,000 such servers exposed to the internet are vulnerable to these attacks.
Spotify suffers another attack
Online music streaming service Spotify has suffered another credential stuffing attack within a span of three months. As a result, the service has forced password resets for impacted users.
Top Malware Reported in the Last 24 Hours
Fake WhatsApp
A fake version of the WhatsApp messaging app is suspected of snooping on individuals and stealing their sensitive information. The app comes with built-in spyware linked to the Italian firm Cy4gate.
Cerber ransomware returns
Cerber ransomware has been identified as the most common ransomware that targeted healthcare organizations during 2020. It is primarily distributed via phishing emails and compromised websites.
Top Vulnerabilities Reported in the Last 24 Hours
Faulty Geeni security cameras
Geeni- and Mercury-branded security cameras and smart doorbells are riddled with flaws that could allow attackers to take full control of devices. Moreover, the flaws can be abused to expose customers’ sensitive information.
Google patches a zero-day flaw
Google has patched a zero-day vulnerability in the Chrome web browser for desktop that is being actively exploited in the wild. The flaw is tracked as CVE-2021-21148 and exists in the V8 JavaScript rendering engine. The issue has been fixed in Chrome version 88.0.4324.150.
Top Scams Reported in the Last 24 Hours
Phishing campaign
A phishing campaign designed to steal Microsoft login credentials is using Google Firebase to bypass email security measures in Office 365. It is carried out via a phishing email that has a subject line reading, “TRANSFER OF PAYMENT NOTICE FOR INVOICE.” The email contains a link to download an invoice from the cloud.