
Cyware Daily Threat Intelligence


Daily Threat Briefing May 3, 2021

The coronavirus pandemic has only heightened criminals’ interest in online payment systems as people took to online purchases. A piece of extensive research has revealed that hundreds of thousands of payment card details were compromised in the last six months by hacking five online ordering platforms. One of the attacks involved the use of the Magecart attack technique.

In other new threats discovered, internet-connected cars are at risk of a new attack named TBONE. Researchers demonstrated that the attack can be initiated by exploiting two vulnerabilities in ConnMan, enabling attackers to take control of cars remotely without any user interaction.

Researchers have also spotted a software supply chain vulnerability in the PHP package manager. This can put millions of websites at risk.

Top Breaches Reported in the Last 24 Hours

Filipino solicitor-general office breached

Around 345,000 files from the solicitor-general of the Philippines were made publicly available for almost two months before they were taken down. These files included sensitive information for ongoing legal cases, internal passwords and policies, staffing payment information, and staff training documents.

Swiss Cloud suffers an attack

Cloud hosting provider Swiss Cloud suffered a ransomware attack on April 27. While the entire server infrastructure was not impacted, the incident affected server availability for more than 6,500 customers, including high-profile ones. The company is working on restoring the affected services.

First Horizon Corporation breached

First Horizon Corporation revealed that some of its customers had their online banking accounts breached by unknown attackers earlier this month. The attack was launched using previously stolen credentials and exploiting a vulnerability in third-party software.

H&M Israel hacked

An Iranian hacker group identified as N3tw0rm has threatened to release 110GB of data belonging to H&M Israel unless its demands are met. The group is affiliated with the Iran-linked Pay2Key, which has in the past claimed to have breached the Israel Aerospace Industries and Israeli cybersecurity company Portnox.

Top Vulnerabilities Reported in the Last 24 Hours

TBONE attack on Tesla

Researchers have demonstrated a new attack technique, dubbed TBONE, that can enable attackers to hack Tesla and other cars remotely without any user interaction. The attack exploits two vulnerabilities affecting ConnMan, an internet connection manager for embedded devices.

PHP manager flaw

A software supply chain vulnerability found in the PHP package manager can put millions of websites at risk. The flaw affects Composer, the main tool used to manage and install dependencies for PHP. The flaw has now been fixed, and researchers stated that the risk posed to sites using PHP is limited.
