Cookie Settings

This website uses cookies and similar technologies to provide essential functionality and improve your experience. Some features, such as demo scheduling and chat support, require marketing cookies to function. By clicking "Accept All", you consent to all cookies. Alternatively, you can customize your preferences, but note that declining marketing cookies will limit certain website features.

Cyware Daily Threat Intelligence

Cyware Daily Threat Intelligence - Featured Image

Daily Threat Briefing Jun 28, 2021

The source code of another ransomware is leaked, giving wannabe cybercriminal groups looking to get into the ransomware scene a headstart. It appears that the tool with which one can build Babuk Locker ransomware has been leaked online and is available to anyone for free. The leaked data can be used to customize versions of the ransomware.

An interesting incident of widescale exploitation of a previously known vulnerability has been reported in the last 24 hours. The flaw in question is a cross-site-scripting flaw found in Cisco’s Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD). The patches for the same have been issued by Cisco last year.

Top Breaches Reported in the Last 24 Hours

NewsBlur restores data

Popular news reader NewsBlur has restored services after a hacker managed to wipe the service’s MongoDB database. After gaining access, the hacker had deleted all of NewsBlur’s data.

New details on SolarWinds attack

Microsoft has observed new activities associated with the Nobelium threat group. It found that the SolarWinds attack, which impacted hundreds of organizations, continues to be active. The attack was discovered by tracing the password spray and brute-force attack patterns linked with the APT group.

AcadME affected

A cyberattack on AcadME has affected the personal information of approximately 280,000 students in Israel. The leaked data includes emails, passwords, first and last names, addresses, and even phone numbers of students.

Top Malware Reported in the Last 24 Hours

Source code of Babuk Locker leaked

The source code of the Babuk Locker ransomware was found being shared on hacking forums. It appears that the tool with which one can build the Babuk Locker ransomware is leaked and available for free.

Top Vulnerabilities Reported in the Last 24 Hours

XSS flaw exploited in the wild

A cross-site scripting flaw discovered in Cisco’s Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) is being exploited in the wild. The flaw, tracked as CVE-2020-3580, was patched last year. It can be exploited by sending malicious links to users.


Microsoft rolls out patches

Microsoft has rolled out updates for two security flaws found in its Edge browser. While one is a security bypass vulnerability, the other is associated is an arbitrary code execution vulnerability.

Related Threat Briefings