Cyware Daily Threat Intelligence

Daily Threat Briefing • Jan 31, 2019
This website uses cookies and similar technologies to provide essential functionality and improve your experience. Some features, such as demo scheduling and chat support, require marketing cookies to function. By clicking "Accept All", you consent to all cookies. Alternatively, you can customize your preferences, but note that declining marketing cookies will limit certain website features.
Daily Threat Briefing • Jan 31, 2019
Top Breaches Reported in the Last 24 Hours
SBI data breach
State Bank of India, India's biggest financial firm has suffered a massive data breach. The breach has resulted in the compromise of personal data of million customers. The data was stored in a passwordless database. The information compromised in the breach includes phone numbers, bank balances and recent transactions of customers.
Collection#2 data leak
Security researchers have discovered around 2.2 billion unique usernames and associated passwords dumped in an unprotected database called Collections#2-5. The database contained 845 gigabytes of data and 25 billion records in all. Most of the stolen data appear to come from previous thefts, like the breaches of Yahoo, LinkedIn, and Dropbox.
Azure outage
Microsoft has accidentally deleted customers databases during the Azure outage - that happened on January 29. This has resulted in the loss of some crucial information such as previous transactions, product orders and other updates. The firm is working on restoring the affected databases.
Top Malware Reported in the Last 24 Hours
Korean candidates targeted
A malware campaign that attempts to target Korean candidates via a fake job post of Cisco has been observed recently. The infection vector is a Microsoft Word document that goes with the name "Job Descriptions.doc." The content of the document matches with the legitimate job descriptions that are available online.
Malicious beauty camera apps
Dozens of beauty camera apps on Google Play Store have been found pushing fake ads and adult contents. These apps have the highest number of downloads in India. Apart from pushing fake ads, some of these apps were also found redirecting users to phishing websites that promises exciting prizes.
'Love Letter'malspam campaign
'Love Letter'malspam campaign has now changed its focus to Japanese users. The campaign is distributed via phishing emails that contain zipped JavaScript (.js) files. Once clicked, the 'js file downloads the first malware payload.
Top Vulnerabilities Reported in the Last 24 Hours
Canvas Draw 5 bugs
Several vulnerabilities in ACD Systems' Canvas Draw 5 have been discovered by security researchers. The flaws are dubbed as CVE-2018-3973, CVE-2018-3976, CVE-2018-3980 and CVE-2018-3981. The vulnerable component lies in the handling of TIFF and PCX images. All these are exploitable out-of-bounds write vulnerabilities.
PoC for vulnerable Cisco routers released
Disclosure of Proof-of-Code (PoC) of two high vulnerabilities in Cisco’s Small Business RV320 and RV325 routers can enable hackers to take full control over the devices. These flaws are dubbed as CVE-2019-1652 (command injection vulnerability) and CVE-2019-1653 (remote code execution vulnerability). Device owners are advised to immediately download Cisco’s patches for the two exploited flaws. Both of the bugs reside within the routers’ web-based management interface.
Top Scams Reported in the Last 24 Hours
Netflix scam
Netflix is warning its customers about a new scam that tricks users into sharing their financial details. Here, the users receive a phishing email that appears to be from the streaming company. It informs the users that their accounts are suspended until they verify all required information and update their payment method. Users are then urged to click on a link that takes them to a login page that looks almost identical to the real web page.
YouTube scam
Research has revealed that scammers are impersonating YouTube starts to steal fans' money. The followers of popular YouTube stars are sent private messages through the online video site, asking them to click on a phishing link to redeem a prize. Once the users click on the link, they are asked to fill in their personal details such as their name, address, country, and email address to win the prize.