Cookie Settings

This website uses cookies and similar technologies to provide essential functionality and improve your experience. Some features, such as demo scheduling and chat support, require marketing cookies to function. By clicking "Accept All", you consent to all cookies. Alternatively, you can customize your preferences, but note that declining marketing cookies will limit certain website features.

Cyware Daily Threat Intelligence

Cyware Daily Threat Intelligence - Featured Image

Daily Threat Briefing Sep 7, 2020

Malware attacks have been one of the biggest security threats for many organizations for over a decade. Throwing light on the growing threats, researchers have discovered two new malware recently. While one is a new skimming malware called Baka, the other is a variant of Thanos ransomware. The Baka skimmer is observed to have infected several merchant websites around the world. On a tangent, the new variant of Thanos ransomware is attempting to drop ransom notes on compromised systems by overwriting the computers’ Windows Master Boot Records (MBR).

Meanwhile, the infamous NetWalker ransomware claimed its latest victim by targeting Argentina’s official immigration agency, Dirección Nacional de Migraciones. The incident had temporarily halted the Argentinian border crossing process.

Top Breaches Reported in the Last 24 Hours

NetWalker attacks

Argentina’s official immigration agency, Dirección Nacional de Migraciones, has suffered an attack by NetWalker ransomware. This temporarily halted border crossing into and out of the country. To prevent the ransomware from infecting more devices, computer networks and control posts were shut down.

Service NSW breached

Service NSW revealed that the personal information of over 180,000 customers was stolen in a cyberattack that occurred earlier this year. The incident occurred after 47 staff email accounts were broken into by attackers. As a result, 738 GB of data, which comprised 3.8 million documents were pilfered from the email accounts.

Telmate leaks data

Telmate’s GettingOut dating app had leaked a database containing tens of millions of call logs, private messages, and personal information about U.S. prison inmates. Among the personal information exposed, the unsecured database included dates of birth, full names, email addresses, physical addresses, and facility IDs of individuals.

Top Malware Reported in the Last 24 Hours

New Baka skimmer

Visa has issued a warning about new digital skimming malware called Baka. Discovered first in February, the skimmer code includes both card-stealing and anti-analysis capabilities. Although it is unclear how the malware spreads, Visa claims that it has identified the malware on several merchant websites around the world.

New Variant of Thanos

A new variant of Thanos ransomware is making attempts to deliver ransom notes on compromised systems by overwriting the computers’ Windows Master Boot Records (MBR). Researchers note that even though the ransomware fails to overwrite the MBR, it still drops a ransom note in a regular way and asks victims to pay $20,000 to recover their data.

Top Vulnerabilities Reported in the Last 24 Hours

WhatsApp discloses six bugs

WhatsApp has disclosed six security vulnerabilities that could allow attackers to execute remote code on victims’ devices. The flaws are identified as CVE-2020-1894, CVE-2020-1891, CVE-2020-1890, CVE-2020-1889, CVE-2020-1886, and CVE-2020-11928. These flaws affect different versions of WhatsApp for Android, WhatsApp Business for Android, WhatsApp for Desktop, and WhatsApp for iPhone.

Related Threat Briefings