Cyware Daily Threat Intelligence

Daily Threat Briefing May 27, 2022

Zyxel flaws have been making headlines for the past two weeks, but the recent patch alert is especially important for U.S. firms. Another patch came from Cisco that addresses a severe heap overflow bug, which an unauthorized user can abuse to launch DoS attacks.

Furthermore, cybercriminals were found dropping an updated version of Magniber ransomware on Windows 11 machines. The malware uses the RSA+AES encryption scheme to encrypt files. Also, do watch out for a WhatsApp scam that can compromise your account in just a few minutes.

Top Breaches Reported in the Last 24 Hours

Ransomware setback for a New Jersey county

A ransomware attack crippled the networks of Somerset County, New Jersey. The attack disrupted most of its online services such as email services, as well as access to land records, vital statistics, and probate records. While some of its services were restored, it is expected that the situation will be back to normal in a week or so.

Top Malware Reported in the Last 24 Hours

Magniber meets Windows 11 users

A new variant of the Magniber ransomware was spotted in a new attack aimed at Windows 11 systems. The attack is propagated via various online forums, cracked software websites, and fake pornographic websites, among others. Hackers ask victims to pay the ransom within five days or threaten to double the ransom amount.

Top Vulnerabilities Reported in the Last 24 Hours

Cisco tackled heap overflow attack

Cisco addressed a heap overflow vulnerability, tracked as CVE-2022-20737 (CVSS 3.0 score of 8.5), in Cisco Adaptive Security Appliance (ASA). By abusing the vulnerability, an attacker may trigger a DoS condition and gain access to sensitive data such as session cookies, various configuration data, usernames, and passwords.

Zyxel warns against flaws

Zyxel alerted its clients to four bugs concerning its firewall, AP Controller, and AP products. These could be exploited to compromise targeted systems and harvest sensitive data from machines. Though these bugs are not critical, the firm has still strongly urged network admins to upgrade their devices without much delay.

Urgent patch for VMware customers

Security researchers at Horizon3 released a PoC exploit and technical analysis for a critical authentication bypass vulnerability affecting multiple VMware products. A threat actor can exploit the critical flaw, CVE-2022-22972, to gain privileged access. Hence, customers were urged to install patches immediately. The flaw affects Workspace ONE Access, vRealize Automation, and VMware Identity Manager (vIDM).

Top Scams Reported in the Last 24 Hours

WhatsApp hijack in minutes

CloudSEK unearthed a new WhatsApp scam that enables hackers to hijack users' accounts using a simple phone call. First, hackers call on a victim's numbers starting with '67' or '405,' and then convince them to call back. If and when that happens, the users will be logged out of their WhatsApp account and hackers would get complete control of the account within a few minutes.
