Cyware Daily Threat Intelligence

Daily Threat Briefing Sep 20, 2021

Broken and vulnerable APIs can expose mobile apps to cyberattacks if they are not fixed in time. New research reveals that millions of users could have faced the risk of exposure of their personal and financial information due to security vulnerabilities in APIs used by multiple apps. The good news is that the vulnerable APIs were deactivated before they could do any harm.

In other news, AT&T suffered a loss of over $200 million following a phone unlocking scheme that was designed to install malware and gain unauthorized access to users’ mobile devices. Beware of the ongoing Elon Musk-themed cryptocurrency giveaway scam propagated under the names of "Elon Musk Mutual Aid Fund" or "Elon Musk Club".

Top Breaches Reported in the Last 24 Hours

Alaska DHSS attacked

The Alaska Department of Health and Social Services (DHSS) has fallen victim to a cyberattack that was discovered on May 2. The investigation is ongoing. However, an early report states that hackers gained access to the department’s internal network through a vulnerability in one of its websites.

Vulnerable APIs leak data

Millions of users faced the risk of exposure of their personal and financial information due to security vulnerabilities in 10 APIs used by multiple apps. 250 of these apps used the Razorpay API, which includes bulk information such as phone numbers, email addresses, transaction IDs, and refund details of users. The impacted APIs have now been deactivated.

CMA CGM attacked

The French container line, CMA CGM, has been hit by a cyberattack. This caused the leak of customer information, including their full names, email addresses, and phone numbers.

NEISD employees targeted

Over 5000 current and former employees of NEISD have received a letter about a potential data breach that affected payroll records. The records included names and Social Security numbers of employees.

EventBuilder leaks data

A misconfiguration issue in the EventBuilder platform has exposed the personal details of users participating in virtual events. The data was leaked in the form of CSV and JSON files.

AT&T loses $200 million

AT&T lost over $200 million in a coordinated fraudulent phone unlocking scheme that lasted for seven years. The operation was initiated by an insider threat that eventually allowed threat actors to gain remote access to users’ mobiles.

Top Vulnerabilities Reported in the Last 24 Hours

A flaw in Virgin Media routers

A zero-day vulnerability in Virgin Media Super Hub 3 routers can enable attackers to unmask the true IP addresses of VPN users. Although the flaw (tracked as CVE-2019-16651) was disclosed two years ago, the firm is only now working on a fix.

Top Scams Reported in the Last 24 Hours

New Elon Musk giveaway scam

A new Elon Musk-themed cryptocurrency giveaway scam called "Elon Musk Mutual Aid Fund" or "Elon Musk Club" is underway. The campaign promises users huge returns in exchange for small investments. It is usually targeted at social media users and the emails include specially-crafted messages to evade detection.
