Cyware Daily Threat Intelligence

Daily Threat Briefing Jun 28, 2022

Imagine infiltrating the networks of nearly 50 victim organizations in a matter of just two months! Black Basta is the talk of the cybersecurity town these days for achieving the devilish feat. Accompanying it is the LockBit gang, which just rolled out a bug bounty program with awards up to $1 million. It is offering payouts to those who help it find vulnerabilities in its code and data leak site.

Furthermore, a new Android threat aimed at the users of a Spanish bank has been spotted in the wild. It can harvest the bank's login credentials through deftly crafted phishing pages.

Top Breaches Reported in the Last 24 Hours

Ransomware attack on research university

The Medical University of Innsbruck, Austria, suffered a cyberattack, triggering an outage on its system networks. The university called for a manual process for setting up new credentials for students and employees. Vice Society, a notorious ransomware group, claimed responsibility for the attack as it leaked an extensive list of stolen data.

Tencent-owned QQ reported a breach

Tencent is looking into a hacking incident at QQ, a Chinese instant messaging software. Users have reported that their QQ numbers were being stolen and exploited to send advertisements to their friends. It was found that users had mistakenly scanned an unauthenticated QR code for a game login, from where hackers obtained the data.

Skimmers pilfer data from bank’s ATM

Several customers of California-headquartered Bank of the West apparently lost their debit card numbers and PINs to skimmers installed at the bank's ATMs. Cybercriminals can use this stolen data to generate fake cards and attempt cash withdrawals. Experts have been able to identify all the affected accounts.

Top Malware Reported in the Last 24 Hours

New Android banking trojan

Revive, a previously undocumented Android malware, was seen targeting users of the Spanish financial services company BBVA. Hackers lured users into downloading a fake app posing as the bank's original 2FA app. The malicious app reportedly draws inspiration from an open-source spyware called Teardroid.

Highly-motivated RaaS group

Black Basta, a RaaS syndicate, has crippled as many as 50 victims in the U.S., Canada, the U.K., New Zealand, and Australia within two months of launching. Researchers have warned of the threat it poses to various industries, such as manufacturing, transportation, cosmetics, telcos, pharmaceuticals, plumbing and heating, automobile dealers, and retail.

LockBit 3.0 is here

The cybercriminal gang has officially announced LockBit’s new version. Dubbed LockBit 3.0, it is touted as the first ransomware to lay out a bug bounty program. The reward ranges from $1,000 to $1 million. The group has added the privacy coin Zcash as a payment option, alongside Monero and Bitcoin.

Top Vulnerabilities Reported in the Last 24 Hours

Bug found in latest OpenSSL version

The recently released OpenSSL library version 3.0.4 was found to contain a remote memory-corruption bug on x64 systems with the AVX-512 instruction set. According to Tomáš Mráz of the OpenSSL Foundation, it is merely a bug that makes the 3.0.4 release unusable on AVX-512 capable machines. While there isn’t any official patch release, the bug has been fixed.