Cyware Daily Threat Intelligence

Daily Threat Briefing Oct 18, 2018

Top Breach Incidents Reported in the Last 24 Hours

Slovak Foreign Ministry breached

Recently, the Slovak Foreign and European Affairs Ministry was hit by a massive cyber-attack. The attack was uncovered because of non-standard behavior of the computers. The attackers carried out this campaign with the goal of filtering sensitive data and then transferring it to servers abroad. The Slovak PM gave assurances that an investigation is ongoing and that they will be investing more in cyber defenses.

Millions of voter info leaked

A misconfigured AWS S3 bucket operated by the Tea Party Patriots Citizens Fund (TPPCF) leaked information on over 527,000 voters. As a result, names, contact numbers, states of residence, and voter ID numbers of thousands of people were compromised. The exposed data also includes strategy documents, call scripts, marketing assets, and other files revealing a focused effort to politically mobilize US voters. Attackers can not only read the files but can also modify them.

Top Malware Released in the Last 24 Hours

MartyMcFly malware campaign

A new cyber-attack campaign using the MartyMcFly malware was carried out against the Italian naval industry. The campaign started with a well-crafted email detailing spare parts that matched real engine parts. It targeted the right office, asking for prices of naval engine spare parts. Two malicious email attachments were used. The first was a company profile, intended to present the company that was asking for the spare parts. The second was a Microsoft .XLSX file containing the list of needed spare parts. The attacker asked for a quotation for the entire spare part list in the spreadsheet.

GandCrab developers released decryption keys

The GandCrab developers have released the decryption keys for Syrian victims in an underground hacking and cybercrime forum. This initiative was taken in response to a tweet in which a Syrian victim asked for help after photos of his deceased children were encrypted. The release includes keys for GandCrab versions 1.0.0 through 5.0, and each line contains the victim ID, version, and decryption key.
