
Cyware Daily Threat Intelligence

Cyware Daily Threat Intelligence January 16, 2019 - Featured Image

Daily Threat Briefing Jan 10, 2019

Top Breaches reported in Last 24 Hours

DePaul University breach

DePaul University has inadvertently exposed private information of over 650 employees due to human error. The information exposed in the breach includes the names and email addresses of 656 employees who had completed the school's wellness program. The breach occurred after the Chicago-based university failed to use the 'blind copy' feature, which made the recipients' names and email addresses visible to anyone.

Reddit accounts suspended

Accounts of some Reddit users have been suspended following the discovery of unusual activity. The irregular activity indicates unauthorized access. Experts believe that a credential stuffing attack was used to hack the accounts of users. It remains unclear how many user accounts have been affected by the attacks. Reddit, meanwhile, is working on normalizing the operations of the website.

Top Malware Reported in Last 24 Hours

CryptoMix returns

The infamous CryptoMix ransomware has made a comeback in a new attack campaign that fools users into donating money in the form of bitcoins for a charity. Weak RDP ports are leveraged to distribute the malware. Once installed, CryptoMix encrypts the data on servers and wipes out backup data. It then displays a ransom note, which appears to be a note for charity, on the victim's computer.

Malicious Chrome extensions

A new type of malicious Chrome extension has been found performing man-in-the-middle attacks. These extensions are used by hackers to steal credentials, cookies and financial data from users. In order to perform certain actions, these extensions first gain permission to access various data such as visited pages, bookmarks, browser history, clipboards and the list of installed apps.

Shipping firms under threat

Threat actors have recently been leveraging BEC attacks to target the shipping industry. This can result in credential theft or full-scale compromise of systems. Scammers are using social engineering tricks to imitate high-level executives. This is based on data collected from social media or using hacking tools.

Top Vulnerabilities Reported in Last 24 Hours

Apple OSX bugs

Critical vulnerabilities in the IntelHD5000 kernel extension used in Apple OSX have been discovered by researchers. The bugs tracked as CVE-2018-4456 and CVE-2018-4421 can be exploited for privilege escalation. Apple OSX version 10.13 is primarily affected by these bugs.

Intel patches vulnerabilities

Intel has released patches to address five privilege-escalation flaws that affected an array of products. The flaws are tracked as CVE-2018-12177, CVE-2019-0088, CVE-2018-18098, CVE-2018-12155 and CVE-2018-12177. Of these, the first three have been marked as high-severity flaws.

MS Office SharePoint flaw

Security researchers have disclosed that Microsoft Office SharePoint is prone to an XSS flaw. The flaw, tracked as CVE-2019-0558, can allow an attacker to execute arbitrary script code in the browser of an unsuspecting user. As a result, attackers can perform several actions such as reading, modifying or deleting the contents.

Top Scams Reported in Last 24 Hours

Email Scam

Bogus emails under the guise of school registers were used by fraudsters to dupe St Lawrence College parents into paying school fees in advance. The first email, sent in December 2018, informed the parents that they could receive discounts if they paid winter and summer 2019 fees in advance. Another fraudulent email, sent in January 2019, gave false bank account details for depositing the fees in cryptocurrency. The school authorities have notified the parents about the scam. The institution has also implemented additional security measures to prevent such cybercrimes in the future.
