Cyware Daily Threat Intelligence
Daily Threat Briefing • Jul 5, 2023
This website uses cookies and similar technologies to provide essential functionality and improve your experience. Some features, such as demo scheduling and chat support, require marketing cookies to function. By clicking "Accept All", you consent to all cookies. Alternatively, you can customize your preferences, but note that declining marketing cookies will limit certain website features.
Daily Threat Briefing • Jul 5, 2023
Firefox 115 is out, and it is the last version to support Windows 7 and 8. A dozen security holes were patched before the release of this version. This includes a couple of use-after-free and memory safety flaws and eight medium-severity flaws leading to a range of issues, such as arbitrary code execution, spoofing attacks, and URL spoofing. Meanwhile, experts at Zscaler ThreatLabz uncovered a new malware threat, named RedEnergy stealer, that can extract sensitive information from different web browsers. The cybercriminals are targeting users across various industry verticals through popular linked pages.
Back to bugs, Ghostscript, known for reading in PostScript program code, was patched for a sensitive security mishap. A flaw in its previous version could be abused for creating unwarranted pages of text and graphics while also sending system commands to run them.
Ransomware attack hits Japanese post
A Lockbit ransomware attack crippled container terminal operations at the Port of Nagoya, the largest and busiest port in Japan. The attack impacted all container loading and unloading operations that involve the use of trailers. It reportedly caused significant financial losses for the port of Japan. The Port of Nagoya is also used by Toyota Motor Corporation, the world’s largest automaker, for its operations.
New stealer-as-a-ransomware threat
RedEnergy, a highly advanced sophisticated stealer-as-a-ransomware threat, has been spotted launching attacks at energy utilities, oil, gas, telecom, and machinery sectors in Brazil and the Philippines. Adversaries lure potential victims via reputable LinkedIn pages and redirect them to a bogus landing page that prompts them to update their web browsers.
Firefox 115 bug fixes
Mozilla released Firefox 115 to the stable channel, with this version addressing 12 security bugs. Among these are two high-severity use-after-free bugs tracked as CVE-2023-37201 and CVE-2023-37202. The latest Firefox update also fixed high-severity memory safety bugs, collectively tracked as CVE-2023-37211 and CVE-2023-37212, that could lead to arbitrary code execution.
Ghostscript allowed rogue documents
Security experts laid bare details of a severe bug in Ghostscript, which has been patched in its latest release of version 10.01.2. The bug, identified as CVE-2023-36664, could enable malicious documents to not only generate text and graphics pages but also inject system commands into the Ghostscript rendering engine. Successful exploitation of the bug can allow the attacker to deceive programmers into executing these commands, leading to potentially harmful outcomes.