
Cyware Daily Threat Intelligence

Daily Threat Briefing Jul 26, 2021

Another blind spot in email security checks! An email spam campaign that went undetected for weeks was found delivering malware to users’ devices. The interesting aspect of this campaign was its use of the HTML smuggling technique, which allowed threat actors to fly under the radar.

Meanwhile, enterprises have been provided with some mitigation measures to prevent the newly discovered PetitPotam NTLM attack, which affects Windows systems. The attack abuses the Encrypting File System Remote (EFSRPC) protocol. Also, stay away from fake Windows 11 downloaders that are being distributed in the wild. The ultimate goal of these fake downloaders is to drop malware on users’ systems.

Top Breaches Reported in the Last 24 Hours

THORChain loses $8 million

THORChain, a cross-chain DeFi protocol, has suffered a loss of around $8.3 million following a hack. The hackers stole Ether cryptocurrency by exploiting multiple vulnerabilities in the firm’s ETH router.

Signal’s blooper

Signal has fixed a serious bug in its Android app that caused random images to be sent to the wrong contacts. The issue was first reported in December 2020.

Top Malware Reported in the Last 24 Hours


Delivering malware

Threat actors made use of the HTML smuggling technique in a weeks-long email spam campaign to deliver malware to user devices. The technique enabled threat actors to bypass email security gateways.

Fake Windows 11 installer

Threat actors have created multiple fake versions of Windows 11 installers to distribute malware to victims’ systems. The fake software is offered to users in the form of links. There have been reports of these fake Windows 11 downloaders delivering adware and other malware payloads to computers.

Top Vulnerabilities Reported in the Last 24 Hours

PetitPotam attack

Microsoft has released mitigations for the recently disclosed PetitPotam NTLM attack that can allow attackers to take control of Windows systems. The attack abuses the Encrypting File System Remote (EFSRPC) protocol. A PoC for the exploitation of the flaw has been published on GitHub.
