Cookie Settings

This website uses cookies and similar technologies to provide essential functionality and improve your experience. Some features, such as demo scheduling and chat support, require marketing cookies to function. By clicking "Accept All", you consent to all cookies. Alternatively, you can customize your preferences, but note that declining marketing cookies will limit certain website features.

Cyware Daily Threat Intelligence

Cyware Daily Threat Intelligence - Featured Image

Daily Threat Briefing Oct 23, 2020

New variants of cyber scams are opening opportunities for online scammers. In the past 24 hours, a new phishing campaign has been found targeting Microsoft Office 365 users through a fake automated message from Microsoft Teams. The ultimate goal of the scam is to pilfer login credentials from Office 365 users.

A unique tech support scam that combines with a browser locker scam has also been observed in the last 24 hours. In this attempt, the scammers are leveraging Facebook to distribute malicious links that ultimately redirect victims to a browser locker page. The campaign also makes use of several layers of deception techniques including the abuse of a cross-site scripting flaw on a Peruvian site.

Top Breaches Reported in the Last 24 Hours

Vastaamo data breach

Hackers have held thousands of customer records of Vastaamo for ransom. The healthcare company, on its part, has reported federal agencies about the data breach. It is working closely with the agencies to boost the security of its systems.

Data of over 200 million users on sale

It has been found that a hacker is selling personally identifiable information of over 200 million Americans on a dark web forum. This includes the voter registration data of 186 million Americans. Researchers fear that the data can be used by threat actors for disinformation campaigns and other malicious activities.

Shionogi hit

Japanese drug firm, Shiogogi, was hit by a cyberattack earlier this month. Following the attack, the attackers had released stolen documents including the import license of medical equipment and employee residency permit on the dark web. The attackers have threatened to release more information unless a ransom is paid.

Dr Reddy’s lab breached

A data breach at Dr Reddy’s Laboratories has forced the pharma giant to temporarily shut its operations across the globe. The company is reviewing the extent of the breach and, at the same time, has deployed required security measures to protect its systems.

Top Vulnerabilities Reported in the Last 24 Hours

NVIDIA releases patches

NVIDIA has issued security updates for the Windows NVIDIA GeForce Experience (GFE) app to address vulnerabilities that could enable attackers to execute arbitrary code, escalate privileges, gain access to sensitive info, or trigger a Denial of Service (DoS) state on systems running unpatched software. CVE-2020-5977 is rated as the highest severity bug and scores 8.2/10 on the CVSS scale.

Top Scams Reported in the Last 24 Hours

Tech support scam

Researchers have observed a new tech support scam that combines with a browser locker scam. For this, threat actors are relying on Facebook to distribute malicious links that ultimately redirect victims to a browser locker page. The approach is unique because it involves a few layers of deception including abuse of a cross-site scripting vulnerability on a popular website.

Office 365 users targeted

Researchers are warning of a phishing campaign that pretends to be an automated message from Microsoft Teams. The ultimate goal of the campaign is to steal Office 365 users’ login credentials.

Related Threat Briefings