
Cyware Daily Threat Intelligence


Daily Threat Briefing Sep 22, 2021

Weak passwords are a security red flag for any website or database, and cybercriminals are quick to seize the opportunity. The U.S. farming services provider NEW Cooperative is in a new mess after the discovery of over 650 breached credentials. According to researchers, the password ‘chicken1’, which was common among the company’s 120 employees, was used over 10 times.

Despite such lax security, organizations continue to shore up their defenses by issuing updates. Adobe patched decade-old vulnerabilities that affected its ColdFusion software. VMware and Nagios have also released security patches for multiple vulnerabilities affecting their products.

Top Breaches Reported in the Last 24 Hours

DeFi platform hacked

Attackers stole more than $12 million worth of crypto assets from a DeFi platform by leveraging a codebase vulnerability. The theft was executed on Binance Smart Chain, one of the multiple blockchains featured on pNetwork. Investigation into the incident is ongoing.

Epik confirms security breach

Epik, the domain registrar and web hosting provider, has confirmed the security breach that led to the compromise of sensitive details of many of its clients. It has asked its clients to be wary of unusual activity related to the use of their details, especially payment information.

FMC targeted

Family Medical Center (FMC) in Michigan was targeted by a ransomware attack in July this year. The attackers demanded a sum of $30,000 in ransom to unlock the data that included the financial data of patients.

New Cooperative in a mess

Already hit by ransomware, NEW Cooperative is in new trouble after researchers found several instances of data breaches. More than 650 instances of breached credentials were found on a database belonging to the firm. The password ‘chicken1’ was common among 120 employees.

Top Malware Reported in the Last 24 Hours

Drinik trojan

The Drinik banking trojan has been spotted in a new attack campaign that targeted more than 27 public and private banks across India. The malware is distributed via phishing emails masquerading as an income tax refund. It collects full names, email addresses, call logs, message logs, and financial details of users.

Top Vulnerabilities Reported in the Last 24 Hours

Flaws in Nagios network

Nearly a dozen vulnerabilities have been identified in widely used network management products from Nagios. The flaws can be exploited for Server-Side Request Forgery (SSRF), spoofing, accessing information, local privilege escalation, and remote code execution. They impact Nagios XI, XI Switch Wizard, XI Docker Wizard, and XI WatchGuard.

Vulnerable Netgear routers

Netgear has released patches to address a high-severity remote code execution vulnerability affecting multiple of its routers. The flaw (tracked as CVE-2021-40847) can be exploited by attackers to take control of an affected system.

Vulnerable YouTube Inserter plugin

A cross-site scripting flaw discovered in the YouTube video inserter plugin for WordPress can be abused by sending a specially crafted link. The flaw is tracked as CVE-2021-38327 and can allow attackers to steal sensitive information, change the appearance of the web page, and perform phishing.

VMware fixes 19 flaws

VMware has fixed 19 vulnerabilities affecting its vCenter Server and Cloud Foundation. The most critical of these is tracked as CVE-2021-22005. The vulnerabilities affect vCenter Server versions 6.5, 6.7, and 7.0 and Cloud Foundation versions 3.x and 4.x.

Decade-old flaws

Adobe has patched decade-old vulnerabilities that affected the ColdFusion software. The vulnerabilities were recently exploited by attackers to deliver the Cring ransomware. The flaws are tracked as CVE-2021-2861 and CVE-2009-3960.

PoC for a macOS flaw disclosed

Researchers have disclosed details of an unpatched zero-day flaw in macOS Finder that could be abused by adversaries to trick users into running arbitrary commands on their machines. The weakness arises from the manner in which macOS processes INETLOC files.
