Cyware Daily Threat Intelligence

Daily Threat Briefing May 30, 2022

Researchers uncovered a fresh zero-day in MS Office that poses a threat to fully patched applications. Submitted from Belarus, it can fetch malicious code without being detected in a multi-stage attack. Meanwhile, Microsoft helped mce Systems patch a high-severity bug in pre-installed Android apps that concerned millions of users.

Another cyber threat came to notice after EnemyBot was found rapidly expanding to multiple platforms. In the ongoing campaign, hackers were spotted targeting recently disclosed flaws in VMware, F5 BIG-IP, and Android.

Top Breaches Reported in the Last 24 Hours

Insider attack may have hit Verizon

Verizon experienced a breach that exposed the full names, email addresses, corporate ID numbers, and contact details of its employees. Hackers have allegedly demanded a $250,000 ransom. The stolen data was verified by Motherboard. According to their claims, the hackers convinced a Verizon employee, which helped them gain remote access to the company's corporate network.

MFA compromised at Spirit Super

Spirit Super, a Tasmanian-based industry, leaked sensitive records in the aftermath of a phishing attack. As many as 50,000 members were impacted by the attack, which leveraged a staff member's compromised email account. The hackers' messages masqueraded as official correspondence, which helped them overcome MFA challenges during the operation.

Top Malware Reported in the Last 24 Hours

EnemyBot gets aggressive

The recently disclosed critical flaws in VMware products, F5 BIG-IP devices, and Android systems were found to be facing threats from the operators of the EnemyBot botnet. The latest findings reveal that the bot now includes exploits for 24 vulnerabilities, including bugs that don't even have a CVE number. Moreover, its source code was found on GitHub.

Top Vulnerabilities Reported in the Last 24 Hours

Zero-day in MS Office

Researchers warned about Follina, a zero-day in Microsoft Office that may have been abused by cyber adversaries. Successful exploitation of the bug could let an unauthorized individual achieve arbitrary code execution on the affected Windows machine. Additionally, researchers found that the malicious code is executed even if macros are disabled.

Critical flaws in pre-installed Android apps

Microsoft reported a number of vulnerabilities in pre-installed Android apps in a mobile framework built by mce Systems. Hackers could exploit them to gain remote access, launch local attacks to access system configuration, or steal sensitive user information. The vulnerabilities affected apps that had millions of downloads.
