Cyware Daily Threat Intelligence

Daily Threat Briefing Oct 4, 2021

A county is in trouble, operations at a publication giant are disrupted, and an aerospace organization has suffered the loss of a massive trove of data. Blame it on ransomware attacks running rampant. While Pottawatomie County is working on restoring its affected systems, the publication giant Sandhills Global had to temporarily take down its website. To make matters worse, LockBit 2.0 operators have threatened Israel-based aerospace firm E.M.I.T with consequences if it fails to pay the ransom.

Meanwhile, a new ransomware named Atom Silo has been attempting to gain a strong foothold in the threat landscape. Researchers observed the ransomware being deployed in a campaign that exploited a recently patched Confluence Server and Data Center vulnerability.

Top Breaches Reported in the Last 24 Hours

Coinbase notifies about a breach

U.S. cryptocurrency exchange Coinbase is notifying its customers about a data breach that took place between March and May. The attack occurred after attackers gained unauthorized access to Coinbase customer accounts and moved their funds from the platform.

Sandhills Global disrupted

Publication giant Sandhills Global has shut down its operations following a ransomware attack. The attack disrupted the website, making it inaccessible to everyone.

Pottawatomie County targeted

Pottawatomie County is working on restoring its systems after being targeted in a ransomware attack. The county paid a ransom to hackers to restore the systems.

E.M.I.T hit

Israeli aerospace and defence firm E.M.I.T became the latest victim of LockBit 2.0 ransomware. Following the attack, the threat actors have threatened to leak the data on the dark web if the company fails to pay the ransom.

Top Malware Reported in the Last 24 Hours

New Atom Silo ransomware

Atom Silo is a newly spotted ransomware that is deployed by exploiting a recently patched Confluence Server and Data Center vulnerability. The ransomware uses several novel techniques, such as DLL side-loading, to evade detection. Atom Silo shares similarities with LockFile ransomware.

Top Vulnerabilities Reported in the Last 24 Hours

PoC for macOS Gatekeeper bypass released

A researcher has released a PoC for a macOS Gatekeeper bypass vulnerability that was patched this April. The flaw is tracked as CVE-2021-1810 and can allow attackers to download malicious files. Successful exploitation requires attackers to trick users into downloading and opening an archive containing a specially crafted file.

Exploitation of OMIGOD flaws

Experts warn that one of the OMIGOD flaws affecting IBM QRadar Azure can be exploited by attackers to execute arbitrary code. The flaw is tracked as CVE-2021-38647 and can be triggered by executing a specially crafted program on vulnerable systems.
