Cyware Daily Threat Intelligence

Daily Threat Briefing Jun 12, 2019

Celebrities and big music labels have always been a target of cybercriminals. In the latest incident, Radiohead has released 18 tracks of OK Computer sessions on Bandcamp after hackers stole several archived mini discs from the band’s lead singer Thom Yorke and demanded a ransom payment of $150,000 to not release them. Meanwhile, Evite has admitted that it suffered a data breach in February. The stolen user data was put up for sale in the Dream Market marketplace by the infamous hacker ‘Gnosticplayers’.

Recently, researchers observed the comeback of the FIN8 threat group, targeting the hospitality sector with a new variant of POS malware dubbed ‘ShellTea’. The past 24 hours also saw several IT organizations such as Microsoft, Adobe, and Intel release monthly security updates for June, as part of Patch Tuesday. These security updates fix a host of critical vulnerabilities impacting their core products.

Top Breaches Reported in the Last 24 Hours

Radiohead releases 18 tracks of stolen OK Computer sessions

Hackers stole several archived mini discs from Radiohead’s lead singer Thom Yorke and demanded a ransom payment of $150,000 to stop them from being released to the public. The mini discs contained 18 tracks of OK Computer sessions. Instead of meeting the hackers’ demand, Radiohead themselves released all the stolen tracks on Bandcamp for £18, with all the proceeds going to Extinction Rebellion.

Evite admits data breach

The e-invitations platform Evite has admitted that it suffered a data breach in February. The stolen user data was put up for sale in the Dream Market marketplace by the infamous hacker ‘Gnosticplayers’. Evite also provided additional details about the breach. The social planning website revealed that an unauthorized third party gained access to an inactive data storage file that contained Evite user accounts prior to 2013. The data storage file contained user data such as users’ names, usernames, email addresses, passwords, dates of birth, and phone numbers.

Top Malware Reported in the Last 24 Hours

FIN8 threat group back with ShellTea malware

The FIN8 threat group is back with a new variant of the ShellTea/PunchBuggy backdoor targeting the hospitality industry. ShellTea is a POS malware that is capable of creating and executing files, writing the data or shellcode it receives from the C&C server, and executing the shellcode. The malware leverages a hashing algorithm to evade detection by antivirus tools.

Top Vulnerabilities Reported in the Last 24 Hours

Microsoft releases security updates

Microsoft has released its June 2019 updates, which fix 88 security flaws affecting a range of its products. Out of the 88 flaws, 21 were rated ‘critical’ by Microsoft. The security updates also fix 9 remote code execution vulnerabilities found in the tech giant’s Office products such as Word 2010, Word 2013, Word 2016, Office 2010, Office Online Server, SharePoint Foundation 2013, Project Server 2010, SharePoint Server 2010, and SharePoint Server 2010 Office Web Apps.

Adobe releases security updates

Adobe has released security updates that fix arbitrary code execution vulnerabilities impacting Adobe ColdFusion (versions 2018, 2016 and 11), Adobe Campaign Classic, and Adobe Flash Player. Through these vulnerabilities, attackers could gain complete control of affected systems. CISA recommends that Adobe users apply the necessary patches.

Intel releases firmware updates

Intel has released firmware updates to fix high-severity bugs that could allow an attacker to perform privilege escalation, denial of service (DoS), and information disclosure. The vulnerabilities impact NUC Kits and the RAID Web Console utility for Windows.

Top Scams Reported in the Last 24 Hours

Zelle Account Scam

Scammers are swindling funds from unsuspecting victims by tricking them into providing a six-digit text code they receive from their banks. The scammers then create a Zelle account impersonating the victims and gain access to their savings accounts. They then transfer funds from the victims' savings accounts to their own accounts.
