Cyware Daily Threat Intelligence

Daily Threat Briefing • May 30, 2022
Researchers uncovered a fresh zero-day in MS Office that poses a threat to fully patched applications. Submitted from Belarus, it can fetch malicious code without being detected in a multi-stage attack. Meanwhile, Microsoft helped mce Systems patch a high-severity bug in pre-installed Android apps that concerned millions of users.
Another threat came to notice after EnemyBot was found rapidly expanding to multiple platforms. In the ongoing campaign, hackers were spotted targeting recently disclosed flaws in VMware, F5 BIG-IP, and Android.
Insider attack may have hit Verizon
Verizon experienced a breach that exposed the full names, email addresses, corporate ID numbers, and contact details of its employees. Hackers have allegedly demanded a $250,000 ransom. The stolen data was verified by Motherboard. According to the hackers' claims, they convinced a Verizon employee, which helped them gain remote access to the corporate network.
MFA compromised at Spirit Super
Spirit Super, a Tasmanian-based industry, leaked sensitive records in the aftermath of a phishing attack. As many as 50,000 members were impacted by the attack, which leveraged a staff member's compromised email account. The phishing masqueraded as official correspondence, which helped the hackers overcome MFA challenges during the operation.
EnemyBot gets aggressive
The recently disclosed critical flaws in VMware products, F5 BIG-IP devices, and Android systems were found to be under threat from the operators of the EnemyBot botnet. The latest findings reveal that the bot now includes exploits for 24 vulnerabilities, including bugs that don't even have a CVE number. Moreover, its source code was found on GitHub.
Zero-day in MS Office
Researchers warned about Follina, a zero-day in Microsoft Office that may have been abused by cyber adversaries. Successful exploitation of the bug could let an unauthorized individual achieve arbitrary code execution on the affected Windows machine. Additionally, researchers found that the malicious code is executed even if macros are disabled.
Critical flaws in pre-installed Android apps
Microsoft reported a number of vulnerabilities in pre-installed Android apps in a mobile framework built by mce Systems. Hackers could exploit them to gain remote access, launch local attacks to access system configuration, or steal sensitive user information. The vulnerabilities affected apps with millions of downloads.