Cookie Settings

This website uses cookies and similar technologies to provide essential functionality and improve your experience. Some features, such as demo scheduling and chat support, require marketing cookies to function. By clicking "Accept All", you consent to all cookies. Alternatively, you can customize your preferences, but note that declining marketing cookies will limit certain website features.

Cyware Daily Threat Intelligence

Cyware Daily Threat Intelligence - Featured Image

Daily Threat Briefing Mar 23, 2021

The global threat landscape is constantly evolving as threat actors show no signs of slowing down. Researchers have now shared details about a new threat actor group dubbed SilverFish that was one of the many culprits behind the massive SolarWinds hack. The group’s ultimate motive is to carry out cyber-espionage and steal data from its victims.

Report of wildly exploited memory corruption vulnerability has come to light as Google revealed the information to its Android users. The flaw affects Android devices that use Qualcomm chips and can enable attackers to gain access to a device’s memory.

In other major news, Energy giant Shell becomes the latest victim of Accellion’s FTA hack that affected around 100 companies worldwide.

Top Breaches Reported in the Last 24 Hours

MangaDex site affected

Popular manga reader MangaDex has decided to rebuild its website after suffering a major breach. The incident resulted in the compromise of source code and potentially a customer database.

Sierra Wireless impacted

Canadian multinational Sierra Wireless was forced to halt production at its manufacturing sites across the world after a ransomware attack. The attack had hit the company on March 20, 2021.

Shell discloses data breach

Energy giant Shell has disclosed a data breach that occurred due to the compromise of Accellion’s File Transfer Appliance. The company claims that no IT systems have been affected during the attack.

Top Vulnerabilities Reported in the Last 24 Hours

Google warns about a vulnerability

Google has warned Android users that a recently patched vulnerability is being exploited. Tracked as CVE-2020-11261, the high-severity flaw arises from an improper input validation issue affecting a display/graphics component from Qualcomm. The flaw is related to the memory corruption vulnerability.

Adobe releases security updates

Adobe has released out-of-band security updates to address a critical vulnerability impacting ColdFusion versions 2021, 2016, and 2018. The vulnerability is tracked as CVE-2021-21087 and is related to Improper Input Validation software vulnerability.

Vulnerable GE Power Management devices

CISA has warned about vulnerabilities in GE Power Management Devices that could be exploited by an attacker to conduct multiple malicious activities on systems belonging to the Universal Relay family. The flaws could be exploited to access sensitive information, reboot the device, trigger a denial-service condition, and gain privileged access.

Related Threat Briefings