Cyware Daily Threat Intelligence

Daily Threat Briefing • Oct 27, 2020
Demand for cryptocurrency is high, and firms dealing in it are constantly in the line of fire. In the past 24 hours, the decentralized finance service Harvest Finance was attacked, incurring a loss of $21.5 million in cryptocurrency assets.
An immigration law firm confirmed a data breach that exposed the personal information of former and current Google employees. The attackers gained access to the employees' Form I-9 details. The firm has offered a year of free credit monitoring to the affected employees. Meanwhile, Microsoft released patches to fix several vulnerabilities affecting its Chromium-based Edge web browser, including one flaw that was found to be exploited in the wild.
Top Breaches Reported in the Last 24 Hours
Hacker steals $24 million
A hacker has stolen cryptocurrency assets, including $13 million worth of USD Coin and $11 million worth of Tether, from Harvest Finance, a decentralized financial service. Although the hacker has returned $2.5 million to the platform, the company is offering a bounty of $400,000 to anyone who can return the remaining funds.
Nitro data breach
Nitro PDF services suffered a humongous data breach that can potentially affect Microsoft, Google, Apple, Citibank, and other top firms. The stolen data is on sale in a private auction, with a starting price of $80,000. The database on sale consists of 70 million user records, containing full names, email addresses, and bcrypt-hashed passwords, among others.
Amazon terminates employees
Amazon has terminated some employees who were discovered to be violating company policies by leaking customer data to an unaffiliated third party. Amazon has informed the affected customers by email.
Law firm breached
Fragomen, Del Rey, Bernsen & Loewy, LLP, an immigration law firm, suffered a data breach exposing the personal information of current and former Google employees. The hacker gained access to Form I-9 data, which includes full names, dates of birth, SSNs, email addresses, passport numbers, and other immigration identifiers.
Swedish security company hacked
Gunnebo, a security company, disclosed a data breach in August that exposed details of bank vault plans, alarm systems, and security arrangements for Swedish authorities. The 19GB of information and 38,000 files leaked included details of the confidential plans for the Swedish tax agency’s new office.
Top Malware Reported in the Last 24 Hours
HiddenAds malware
Google has removed 15 out of 21 malicious adware apps found in the Play Store, following a report published by Avast. The apps were infected with the HiddenAds malware, which bombards users with ads and makes the app difficult to uninstall by hiding its icon.
Top Vulnerabilities Reported in the Last 24 Hours
Containerd bug
A security vulnerability, tracked as CVE-2020-15157, has been discovered in containerd's container image-pulling process. This bug can be exploited to make containerd give up the host’s registry or users’ cloud account credentials.
Microsoft releases security update
Microsoft released a security update for its Chromium-based Edge browser to address the vulnerabilities CVE-2020-15999, CVE-2020-16000, CVE-2020-16001, CVE-2020-16002, and CVE-2020-16003. Among these, CVE-2020-15999 has reportedly been exploited in the wild.
Tiki Wiki flaw
A vulnerability in the Tiki Wiki CMS platform, tracked as CVE-2020-15906 (CVSS score 9.3 out of 10), could allow an unauthenticated hacker to bypass the login process and gain remote access to admin accounts. Users are advised to upgrade to the latest version, 21.2, in which the flaw has been patched.