Cyware Daily Threat Intelligence

Daily Threat Briefing • Jan 30, 2019
Top Breaches Reported in the Last 24 Hours
Rubrik data leak
A server security lapse has resulted in the leakage of a massive database of customer information belonging to Rubrik. The database was running on an unprotected Amazon ElasticSearch server and contained tens of gigabytes of data. The data exposed in the leak includes customers' names, contact information and casework for each corporate customer.
Cryptopia exchange hacked again
New Zealand-based Cryptopia Exchange has suffered a new attack, within 15 days of the first one. Hackers have stolen 1,675 Ethereum (around $175,875) from 17,000 Cryptopia wallets. The first wave of the attack had resulted in the loss of as much as $16 million worth of Ethereum.
Discover firm data breach
Financial services firm Discover disclosed that it has been hit by a data breach that may have compromised customers' payment card details. The number of customers affected in the breach is unknown. It is believed that card skimming malware was used to steal the information.
Top Malware Reported in the Last 24 Hours
Formbook malware returns
Researchers have spotted a new campaign distributing the Formbook info-stealer malware. The campaign targets the retail and hospitality industries within and outside the US. The malware is propagated via phishing emails that contain a malicious attachment, either a Microsoft Office document or a PDF file.
WordPress site compromised
A hidden, encoded spam injector malware has been discovered in the license key of a WordPress website. The malware is encoded using Base64, a group of similar binary-to-text encoding schemes that represent binary data in ASCII format. The spam injector includes several layers of encoding in order to evade detection.
JobCrypter ransomware variant
A new variant of JobCrypter ransomware has been observed recently. Dubbed RANSOM.WIN32.JOBCRYPTER.THOAAGAI, the ransomware encrypts victims' images, documents, and videos not larger than 20 megabytes. It is distributed via spam emails containing ZIP file attachments.
Top Vulnerabilities Reported in the Last 24 Hours
Security update for Ubuntu 18.04 LTS OS
A major Linux kernel security update for Ubuntu 18.04 LTS has been released by Canonical. The update addresses 11 security flaws that were discovered across multiple products, including Kubuntu, Xubuntu, Lubuntu, Ubuntu GNOME, Ubuntu Budgie, Ubuntu Kylin, and Ubuntu Studio. The vulnerabilities range from use-after-free and buffer overflow to out-of-bounds writes. These flaws could allow attackers to either execute arbitrary code or crash the system via a denial of service attack. Canonical has urged all Ubuntu 18.04 LTS users to update their installations immediately to the 'linux-image 4.15.0-44.47' kernel.