Cyware Daily Threat Intelligence

Daily Threat Briefing • Feb 12, 2019
Top Breaches Reported in the Last 24 Hours
Israeli government websites hacked
Multiple Israeli government websites were reportedly down for 45 minutes due to a possible DDoS attack. Websites under the ‘gov[.]il’ domain, including those of the Foreign Ministry, Defense Ministry, and Public Security Ministry, were affected in the incident. A few websites kept working despite the attack, though slowly. These included the domains belonging to the Education Ministry, Finance Ministry, Transport Ministry, and Health Ministry. Experts believe that a high volume of traffic alone may be causing the websites to underperform. Most of them suspect Iran-based threat actors to be behind this incident.
Top Malware Reported in the Last 24 Hours
'Automatic 4K/HD for YouTube' extension removed
Google has removed a popular extension named 'Automatic 4K/HD for YouTube' from the Chrome Web Store. The extension was found spamming users with unwanted pop-up ads. The pop-up ads appeared in GIF format and promoted another extension named 'Adblocker for Chrome - NoAds'. The pop-ups abused Chrome's ability to show desktop notifications and the permissions held by the extensions.
Two phishing email campaigns
Researchers have come across two phishing email campaigns that were conducted in the past week. One of the phishing emails masqueraded as a message from a Bulgarian bank and the other as a message from Microsoft Office 365. The URLs included in the emails used legitimate services or compromised domains for their links in order to bypass email filters.
Top Vulnerabilities Reported in the Last 24 Hours
Breakout security flaw
Researchers have discovered a container breakout security flaw in the runC container runtime and Kubernetes. The flaw (CVE-2019-5736) can allow an infected container to overwrite the host runC binary and gain root-level privileges. The flaw has been rated 7.2 (out of 10) on the CVSS scale.
A new version of Debian released
A new version of the Debian-based antiX MX (antiX MS 18.1) operating system has been released following the discovery of security bugs in the latest Debian Stable repositories. The update comes with up-to-date components from the Debian GNU/Linux 9.7 'Stretch' repositories. antiX MS 18.1 is available for download as 64-bit and 32-bit live ISO images.
macOS privacy protection bypass flaw
A potential privacy protection bypass flaw has been discovered in macOS Mojave. The flaw can allow attackers to access data stored in restricted folders and read the contents of a victim's browsing history. macOS Mojave releases up to 10.14.3 are affected by the flaw.