Cyware Daily Threat Intelligence

Daily Threat Briefing May 24, 2018

Top Vulnerabilities Reported in the Last 24 Hours

Red Hat's fix for Spectre Variant 4
Red Hat has released security mitigations for products affected by the recently disclosed Speculative Store Bypass (CVE-2018-3639) flaw. Derivatives like CentOS are affected by this flaw. By exploiting this flaw, unauthorized users can read privileged memory and expose critical data via cache side-channel attacks.

Schneider Electric patches XXE flaw
The XML External Entity (XXE) vulnerability present in the SoMachine Basic software has been fixed by Schneider Electric. By leveraging this flaw, attackers could have launched an out-of-band remote arbitrary data retrieval attack. Users are advised to upgrade their systems to install the patches.

Hackers abuse Jetpack
Hackers are implementing new techniques to install malicious backdoors on websites running the open-source WordPress CMS. By using login credentials exposed in data breaches, hackers are attempting to log into WordPress[.]com accounts. They then use the Jetpack feature to connect self-hosted WordPress sites to a WordPress.com account. They can now manage thousands of self-hosted WordPress sites via the Jetpack plugin installed on each site.

Top Breaches Reported in the Last 24 Hours

LifeBridge Health data breach
A data breach at Baltimore, Maryland-based LifeBridge Health and LifeBridge Potomac Professionals resulted in the exposure of private information belonging to roughly 500,000 patients. Exposed information includes names, addresses, birth dates, insurance information and Social Security numbers. The data breach took place on Sept. 27, 2016, and was first detected in March 2018.

SA-based database leaked
A database containing sensitive personal data of around 934,000 South Africans has been leaked online. Names, ID numbers, email addresses, and passwords of South African citizens stored in plaintext were exposed. Researchers believe that the directory containing a backup of the sensitive data was left publicly accessible.

Top Scams Reported in the Last 24 Hours

Cryptocurrency Giveaway scam
A new cryptocurrency giveaway scam has been discovered targeting Ethereum and Bitcoin. The scam uses fake social media profiles (mostly on Twitter) and spam emails to trick victims into spending a small amount of cryptocurrency as an investment in return for huge profits. The profiles impersonate popular companies, brands and personalities.

'Update Your Password' Scam
Users are being warned to beware of the new 'Update Your Password' scam. As part of this scam, users are sent emails that read: "The password for recipientname@companyname.com has expired. Please click the button below to update your password." Clicking on the link steals user credentials.
