Cyware Daily Threat Intelligence

Daily Threat Briefing • Jan 8, 2021
Ransomware continues to dominate the cyber threat ecosystem, with attackers wanting fast cash. Along the same lines, the Ryuk ransomware operators have garnered a fortune of at least $150 million through criminal activities to date. The ransomware strain has targeted high-profile organizations across the world in recent months, accruing millions of dollars in ransom payments.
Moreover, the FBI has issued an advisory warning of Egregor ransomware attacks against private organizations. Equipped with recent extortion methods, the ransomware has so far targeted over 150 organizations, including the likes of Barnes and Noble, Crytek, Kmart, and Ubisoft, among others.
Top Breaches Reported in the Last 24 Hours
Hackney Council’s data released
A cybercriminal group called Pysa has published a range of information stolen from Hackney Council in the U.K. on the dark web. This includes sensitive personal data of staff and residents. The data was stolen following an attack in October 2020.
Thousands of O365 inboxes accessed
In a recent notification, the DoJ has confirmed that thousands of its Office 365 email accounts were accessed by SolarWinds attackers last year. After learning of the malicious activity, the OCIO eliminated the attack channel by which the actors were accessing the email environment.
Ryuk amasses $150 million
The operators behind Ryuk ransomware have amassed over $150 million through cyberattacks. Most of the digital currency the group collects is sent to Asia-based exchanges Huobi or Binance, which may help them to escape scrutiny.
Top Malware Reported in the Last 24 Hours
FBI warns about Egregor ransomware
The FBI has issued a security alert about companies being attacked by Egregor ransomware. Threat actors are using phishing emails with malicious attachments to distribute ransomware and gain access to the networks.
Top Vulnerabilities Reported in the Last 24 Hours
Nvidia fixes 16 flaws
Nvidia has issued security patches for 16 security flaws found across its graphics drivers and vGPU software. The vulnerabilities can be exploited to launch DDoS attacks, escalate privileges, tamper with data, or sniff out sensitive data. The most severe of these is CVE-2020-1051, an issue that affects the graphics drivers’ kernel mode layer.
Microsoft issues a micropatch
Microsoft has released a micropatch for a local privilege escalation vulnerability affecting its Windows PsExec management tool. The flaw can enable threat actors to execute arbitrary processes with Local System permissions on targeted machines.
Browser makers issue patches
Makers of the Chrome, Firefox, and Edge browsers are urging users to patch critical vulnerabilities that can be exploited to take over systems. A majority of these are rated high-severity and tied to use-after-free bugs.