Cyware Daily Threat Intelligence

Daily Threat Briefing Jun 24, 2022

Log4Shell continues to haunt organizations in the U.S., as government agencies highlighted several incidents in which various hacker groups, including an APT, tried to penetrate enterprise networks. Meanwhile, threat actors behind scalper bots made it extremely challenging for the Israeli government to deliver public services by faking hundreds of thousands of appointment requests.

In another update, Google has pointed to an Italian firm as the developer of the Hermit spyware, which can infect both iOS and Android devices. For now, its victims are in Italy and Kazakhstan.

Top Breaches Reported in the Last 24 Hours

Extortion attack hits Brazilian retail

Cyber adversaries claimed to have breached the networks of Sao Paulo-based retail company Fast Shop and stolen terabytes of data. The group was able to take over the retailer’s Twitter account and push its website and app into a shutdown. There’s no information on which extortion group was behind the attack.

More victims at a healthcare facility

Indiana University Health revealed that the sensitive information of its patients was leaked in a cyber incident at MCG Health in 2020. Exposed data include names, SSNs, medical codes, full addresses, contact numbers, email addresses, gender details, and more.

Top Malware Reported in the Last 24 Hours

Scalper bots cause mayhem in Israel

Akamai researchers reported an army of scalper bots trained to secure appointments for public services offered by the Israeli government. Affected services include passport renewal, transport, utilities, the post office, and national insurance. Hackers scheduled more than 700,000 fake appointments, creating a months-long backlog at the Ministry of Interior.

Google warns of Hermit spyware

According to Google Threat Analysis Group, Hermit, an enterprise-grade spyware strain, is targeting Android and iOS mobile device users in Italy and Kazakhstan. The spyware can steal a plethora of information, such as SMS messages, contact lists, call logs, and photos, while also exfiltrating a user's GPS location data.

Top Vulnerabilities Reported in the Last 24 Hours

CISA alert on Log4Shell

CISA, along with other agencies, urged organizations to patch the Log4Shell flaw in VMware Horizon and Unified Access Gateway servers. The bug, CVE-2021-44228, was recently exploited by a suspected APT actor to deploy loader malware on targeted systems. In another incident, CISA was forced to conduct an onsite incident response engagement.

Patch arrived after six months

Security researchers have uncovered more details on a critical Fusion Middleware vulnerability in Oracle systems. Identified as CVE-2022-21445, the flaw could be exploited for arbitrary code execution. It impacts all applications that rely on ADF Faces, such as Business Intelligence, WebCenter Portal, Application Testing Suite, Identity Management, SOA Suite, and more.

Top Scams Reported in the Last 24 Hours

Hackers use COVID-19 lure

Cybercriminals were found impersonating the U.K.’s NHS and sending fraudulent SMS messages about individuals being infected with the Omicron variant of COVID-19. They urge potential victims to order a test kit, which costs £0.99 or $1.21 for postage. The scammers have used several different domains in their scam messages.