Cyware Daily Threat Intelligence

Daily Threat Briefing Jun 21, 2021

Threat actors, who are never at rest, are constantly giving security experts a run for their money. In a new cyberespionage campaign discovered recently, Sload, aka Starslord loader, has been found targeting users in Europe. This time, the attackers are using malicious VBS and PowerShell scripts to drop the loader, which subsequently deploys Ramnit and Trickbot as the final payload.

Misconfigured databases drew major flak for the U.S. supermarket chain Wegmans Food Markets as this resulted in the exposure of customer details. The databases contained names, addresses, phone numbers, birth dates, and Shoppers Club numbers of customers.

Top Breaches Reported in the Last 24 Hours

Wegmans affected in a data breach

U.S. supermarket chain Wegmans Food Markets has suffered a data breach that occurred due to misconfigured databases. The databases included customer details such as their names, addresses, phone numbers, birth dates, and Shoppers Club numbers. However, the passwords are safe as they were hashed and salted.

KAERI confirms an attack

The South Korean Atomic Energy Research Institute (KAERI) has confirmed a cyberattack from the Kimsuky threat actor group. The adversary exploited a vulnerability in the VPN system used within the research institute’s environment to enter the network.

Top Malware Reported in the Last 24 Hours

Starslord loader is back

Sload, or Starslord loader, has been spotted in a new cyberespionage campaign targeting users in Europe. This time, the attackers are using VBS and PowerShell scripts instead of relying on malicious documents to gain an initial foothold. The final payload of the downloader includes Ramnit and Trickbot trojans.

Top Vulnerabilities Reported in the Last 24 Hours

New iPhone bug

A new bug discovered in iPhone’s wireless functionality can be exploited to join a nearby hotspot with an unusual name, after which the wireless functionality of the device gets disabled. The flaw has been successfully reproduced on iPhone XS, running iOS version 14.4.2.

Vulnerable Cisco switches

Researchers have identified multiple vulnerabilities in Cisco’s Small Business 220 series smart switches. Attackers can abuse one of these flaws (CVE-2021-1542) to hijack a user’s session and gain access to the switch’s web interface. It is rated high severity.

https://www.securityweek.com/researcher-finds-several-vulnerabilities-cisco-small-business-switches

Top Scams Reported in the Last 24 Hours

Beware of Amazon Prime Day scams

Security experts have warned online shoppers about Amazon Prime Day scams that are underway. These scams are carried out via emails and text messages, where the cybercriminals lure consumers into entering their details into fake websites. These messages include fake deals or prize offers to entice recipients into clicking malicious links.
