
Cyware Daily Threat Intelligence


Daily Threat Briefing Jan 2, 2019

Top Breaches Reported in Last 24 Hours

Saint John's parking system breach

The data breach at the City of Saint John's parking ticket system is much larger than expected. The recent investigation highlights that the breach involved multiple instances where intruders gained access to confidential data of customers on the City's server through the Click2Gov payment system. The breach could have impacted individuals who used the website from early 2017 to December 16, 2018.

DarkOverlord group strikes again

The infamous DarkOverlord hacking group has made a comeback. The group has hacked law firms that handle cases related to the September 11 attacks. After gaining access to the documents, the group has threatened to publicly disclose the related internal files if a ransom is not paid. The firms hacked by the threat actor include Hiscox Syndicates Ltd, Lloyds of London, and Silverstein Properties.

Victoria public servant data breached

The work details and other personal data of 30,000 Victorian public servants have been compromised in a data breach after hackers gained unauthorized access to the Victorian Government directory. The directory included the work emails, job descriptions and work contact numbers of employees.

Top Malware Reported in Last 24 Hours

Ryuk Ransomware

Ryuk ransomware is believed to have been used in a massive attack that affected newspaper organizations in the US. 'The Times', one of the newspapers affected in the attack, shared a screenshot of a ransom note titled 'RyukReadMe', which is similar to the message reported in other incidents related to Ryuk ransomware. The malware is also suspected to have disrupted the printing operations of several newspapers.

Operation Cloud Hopper

The China-based cyber espionage group APT10 has been linked with the latest attack campaign, dubbed 'Operation Cloud Hopper'. The campaign is centered on stealing intellectual property and other sensitive data from organizations. APT10 has previously been linked to attacks on construction companies, aerospace firms, telecoms and public firms.

Emotet trojan

The Communications Authority of Kenya has raised an alert about the detection of the Emotet trojan. The trojan has been found targeting network systems. So far, 11 cases related to Emotet attacks have been observed by the National Computer Incident Response Team Coordination Centre. The trojan poses a potential risk to organizations as it is capable of deleting or overwriting data and files.

Top Scams Reported in Last 24 Hours

PayPal phishing scam

Scammers have been observed using Twitter to promote a fake PayPal phishing scam. The scam involves creating an account that appears to be a legitimate PayPal account and promoting an end-of-year sweepstakes event. In the fake promotional event, users are asked to verify their accounts by clicking on a malicious link, paypall-christmasgifts[.]com, to win PayPal's New Year prizes. The scammers are leveraging such scams to steal credit card and personal details. To stay safe, users are advised to check the spelling of the URL before clicking on it: here, 'PayPal' has been misspelled as 'Paypall'. Users should visit the original website to verify the authenticity of such offers.
