Cyware Daily Threat Intelligence

Daily Threat Briefing Jun 4, 2020

Another day, another round of new security patches. Google and SAP have released several security updates as part of the June 2020 security patches. While Google has addressed a total of 43 flaws affecting its Android system, SAP has fixed more than six vulnerabilities affecting its Sybase database, ABAP application server, and Business Client software.

In other developments, the threat actors behind the TrickBot trojan have once again upgraded their techniques by adding a new malware called ‘BazarBackdoor’. The backdoor is delivered via phishing emails that use employee termination notices, customer complaints, and other themes to lure victims.

Top Breaches Reported in the Last 24 Hours

Coincheck announces a breach

Japanese cryptocurrency exchange Coincheck has disclosed a security breach that occurred earlier this week. The hackers managed to access some emails sent to the firm by its customers. As a result, the hackers could obtain personal information of some users such as their names, dates of birth, phone numbers, and registered addresses.

DMI breached

The DopplePaymer ransomware gang has claimed to have breached a NASA IT contractor, Digital Management Inc. To support their claims, the attackers have shared 20 archive files stolen from the firm on a dark web portal. These archives include HR documents and project plans.

Top Malware Reported in the Last 24 Hours

New BazarBackdoor malware

The operators of the TrickBot trojan have been found using a new backdoor called ‘BazarBackdoor’ to gain full access to targeted networks. The attack campaign makes use of phishing emails that leverage employee termination notices, customer complaints, and other themes to propagate the backdoor.

Cryptocurrency hacks

Hackers have been found using a bot to scan publicly available GitHub repositories. The ultimate goal of the hackers is to steal cryptocurrencies from an individual’s wallet account. The incident came to light after a Redditor left his MetaMask wallet’s mnemonic exposed in a public GitHub repository.

Top Vulnerabilities Reported in the Last 24 Hours

Google rolls out updates

Google has addressed a total of 43 vulnerabilities in Android systems as part of the June 2020 security patches. The most critical of these are two remote code execution vulnerabilities, tracked as CVE-2020-0117 and CVE-2020-8597. Both flaws affect Android versions 8.0 through 10.

SAP patches flaws

SAP has issued several security updates for vulnerabilities affecting its different products. These include fixes for six flaws affecting SAP’s Sybase database software. Other critical security patches are for the ABAP application server, Business Client, BusinessObjects, Master Data Governance, Plant Connectivity, NetWeaver, and SAP Identity Management software.

Cold boot attack

Last month, LG released a security update for a vulnerability that impacted its Android smartphones sold over the past seven years. The flaw, identified as CVE-2020-12753, existed in the bootloader component of the smartphones. It impacted phones starting with the LG Nexus 5 series.
