Cyware Daily Threat Intelligence

Daily Threat Briefing Jun 15, 2020

Experts have raised an alarm about a new side-channel attack. Dubbed Lamphone, the technique relies on the fluctuations in air pressure on the surface of a hanging bulb. It can be used to pilfer private conversations between users.

Meanwhile, Intel has announced a new security capability to protect devices that will use the company’s upcoming Tiger Lake mobile processors. Called Control-Flow Enforcement Technology, the feature is intended to protect against malware that uses Return-Oriented Programming (ROP), Jump-Oriented Programming (JOP), or Call-Oriented Programming (COP).

Moreover, cyber crooks were found using SEO spamming to fool website owners into believing that their websites’ databases had been compromised. The actors demanded ransoms from the owners to prevent a data leak, although no data had actually been exfiltrated.

Top Breaches Reported in the Last 24 Hours

Claire’s breached

The U.S.-based jewelry and accessory giant Claire’s and its subsidiary Icing were compromised in April in a Magecart attack. This enabled the attackers to steal customers’ credit card details. The skimmer was served from a domain that looked similar to the company’s legitimate domain.

Intersport also attacked

Intersport’s web store suffered a Magecart-like attack after crooks planted skimmer code on the checkout page to steal credit card details. The incident occurred on April 30 and May 14, 2020.

Top Malware Reported in the Last 24 Hours

Black Kingdom ransomware

The operators of Black Kingdom ransomware are targeting enterprises with unpatched Pulse Secure VPN software. The vulnerability in question is CVE-2019-11510. According to researchers, the ransomware establishes persistence by impersonating a legitimate scheduled task for Google Chrome. It appends the .DEMON extension to encrypted files and later drops a ransom note demanding $10,000 to be deposited to a bitcoin wallet.

Top Vulnerabilities Reported in the Last 24 Hours

Intel adds a new security

Intel has announced a new CPU-level security capability that offers protection against malware using control-flow hijacking attack methods. Called Control-Flow Enforcement Technology (Intel CET), the feature will guard devices that use the upcoming Tiger Lake mobile processors. It includes two new capabilities: Shadow Stack and Indirect Branch Tracking (IBT).

Lamphone attack

A group of researchers has devised a new side-channel attack technique, called Lamphone, for eavesdropping on conversations. It relies on the fluctuations in air pressure on the surface of a hanging bulb. The researchers have successfully tested the technique by targeting an office room located on the third floor of an office building.

GTP vulnerabilities

Vulnerabilities in the GPRS Tunneling Protocol (GTP) can expose 4G and 5G cellular networks to a variety of attacks. These include denial-of-service attacks, impersonation attacks, and identity fraud. The flaws impact both mobile operators and their clients.

Top Scams Reported in the Last 24 Hours

Cybersquatting

Cybercriminals have reportedly created a legitimate-looking copy of privnote.com to trick users by manipulating their text content. This enabled the crooks to steal bitcoin by changing wallet addresses contained in requests sent via the platform.

Spamdexing

Scammers are using blackhat SEO techniques to threaten website owners into paying ransoms between $1,500 and $3,000 in bitcoins. The fraudsters falsely claim that they have exfiltrated the owners’ databases and will leak them on the internet unless a ransom is paid.
