We use cookies to improve your experience. Do you accept?

Cyware Daily Threat Intelligence

Cyware Daily Threat Intelligence - Featured Image

Daily Threat Briefing Sep 24, 2021

Malware authors have devised a clever way to hoodwink Windows 10 by using deliberately malformed signatures on valid certificates. This tactic is being actively used to push OpenSUpdater adware into victims’ systems. Most of the victims are from the U.S.

A revamp in evasion techniques has also been observed in a new version of Raccoon Stealer that uses a new set of crypters. Additionally, it includes a module to steal funds from new cryptocurrency wallets and has added Discord to the list of targeted applications.

Amidst these raining malware threats, Apple took action against three actively exploited zero-day vulnerabilities by releasing security patches for iOS and macOS systems.

Top Breaches Reported in the Last 24 Hours

Debt-IN confirms attack

Africa-based Debt-IN has disclosed details about a ransomware attack that occurred in April. The attackers stole the personal data of certain customers, including those who were under debt review.

Port of Houston hit

A state-sponsored hacking group breached the network of the Port of Houston by using a zero-day vulnerability in a Zoho user authentication appliance. The flaw is tracked as CVE-2021-40539, for which patches were released on September 8.

Second data leak incident at the U.K’s MoD

The U.K’s MoD has suffered a second data leak incident, risking the safety of dozens of Afghans who were likely to relocate to the U.K. The mishap occurred after staff had inadvertently sent emails to 55 people, making their personal information exposed to all recipients.

Top Malware Reported in the Last 24 Hours

OpenSUpdater distributed

Threat actors are using malformed signatures on valid certificates to distribute OpenSUpdater malware to victims’ systems. The malicious certificates are used as a tool to bypass security checks on Windows 10 systems.

Raccoon Stealer updates itself

A new version of Raccoon Stealer uses new crypters that can help the malware bypass security solutions. Other updates include a module for stealing several new cryptocurrency wallets and the addition of Discord to the list of targeted applications.

Top Vulnerabilities Reported in the Last 24 Hours

Apple patches three zero-day flaws

Apple has patched three actively exploited zero-day flaws that could allow attackers to execute arbitrary code with kernel privileges. The flaws are tracked as CVE-2021-30869, CVE-2021-30858, and CVE-2021-30860. Older iPhone and iPod are some of the devices affected by the flaws. In a different incident, iPhone users are at risk of exposing their IP addresses and location data due to a design flaw in Apple’s iCloud Private Relay feature.

SonicWall patches SMA appliances

SonicWall has published a security advisory to inform customers about a critical vulnerability affecting some of its Secure Mobile Access (SMA) appliances. The flaw, identified as CVE-2021-20034, can be exploited by attackers to delete arbitrary files from the targeted appliance.

Related Threat Briefings