Cyware Daily Threat Intelligence

Daily Threat Briefing Jul 4, 2022

Django is among the top Python web frameworks today and is used by some top brands in the U.S. The team behind it has recently addressed a high-severity flaw that could allow an unauthorized third party to attack Django web apps. Making the headlines is a fresh alert by the CISA to patch a Windows Local Security Authority (LSA) spoofing vulnerability, which it had removed from its exploited vulnerabilities list in May.

Besides, insider risk is an ongoing challenge that cannot be overlooked. HackerOne was informed by an unnamed customer of a suspicious vulnerability disclosure. During the investigation, an employee was found guilty of attempting to receive monetary payouts by stealing vulnerability reports.

Top Breaches Reported in the Last 24 Hours

Insider threat compromises vulnerability reports

At HackerOne, an employee was found leaking vulnerability disclosure reports submitted to the platform by its partners. The leak was intended to claim bug bounty rewards from the partners for personal gain. Taking cognizance of the situation, HackerOne has fired the employee and is working to minimize the probability of such instances.

Top Malware Reported in the Last 24 Hours

Worm burrows Windows networks

Microsoft has unveiled the Raspberry Robin worm, which is spread via infected USB devices and requires users to click on a malicious .LNK file. The worm uses the Windows command prompt to launch an msiexec process and run its malicious file embedded within the device. Additionally, it can bypass Windows User Account Control (UAC) while using the utilities available on the OS.

Top Vulnerabilities Reported in the Last 24 Hours

Windows LSA bug patch notice

The CISA has added back a Windows LSA Spoofing vulnerability, tracked as CVE-2022-26925, to its Known Exploited Vulnerabilities Catalog and urged federal agencies to patch their devices by July 22. It was put on hold in May due to Active Directory (AD) certificate authentication issues caused by Microsoft's May update.

Critical bug fixed in Django

Django has addressed a potential SQL Injection flaw, tracked as CVE-2022-34265, affecting Django's main branch and versions 4.1 (currently in beta), 4.0, and 3.2. The open-source Python-based web framework is at the core of tens of thousands of websites. Users need to update their Django versions to 4.0.6 and 3.2.14.

Top Scams Reported in the Last 24 Hours

Social media accounts hijacked

Scammers took over the Twitter and YouTube accounts of The British Army to promote NFT and cryptocurrency scams. The YouTube account’s name was changed and they also posted YouTube videos with a photo of Elon Musk. The British Army's Twitter account was also altered to promote NFTs. The group behind the scam is yet to be determined.
