Cyware Daily Threat Intelligence April 24, 2018

Top Vulnerabilities Reported in the Last 24 Hours
A second patch for Drupalgeddon2
As per the announcement made by Drupal developers, another Drupalgeddon2 (tracked as CVE-2018-7600) patch is going to be released on 25th of April, 2018. The patch is for 7.x, 8.4.x and 8.5.x of the content management system. At least three different attack groups are exploiting Drupalgeddon2, after it received its first patch in late March.

Flaws fixed in Foxit PDF reader
Over a dozen vulnerabilities have been fixed by Foxit in its PDF reader. The vulnerabilities include an Unsafe DLL Loading security bug, five code execution vulnerabilities, and flaws that could result in remote code execution, in information disclosure, or in application crashes. The vulnerabilities were addressed in Foxit Reader and Foxit PhantomPDF 9.1.

Vulnerable Nintendo switch
A vulnerability, known as Fusée Gelée, in an Nvidia chip used by the Switch was found to allow hackers inject code into the system and modify it. Unfortunately, this flaw cannot be fixed with a security patch. Millions of Switches are vulnerable, permanently, to what amounts to a total jailbreak.

Top Breaches Reported in the Last 24 Hours
MEDantex data breach
Sensitive patient medical records and personal information of thousands of physicians had been leaking online from MEDantex, a Kansas-based medical transcription company. The firm took down it’s customer Web portal after it was informed of the issue. It’s unclear exactly how many patient records were left exposed on MEDantex’s site.

TSB customer accounts aren't secure
Around two million UK banking customers are reportedly experiencing issues while trying to use their accounts online. Some users were also able to access other users’ funds. The problems occurred after an IT upgrade went wrong. Financial Conduct Authority (FCA) and the Information Commissioner’s Office (ICO) are investigating the incident.

Ukrainian energy website compromised
Ukraine's energy and coal ministry website has been affected by a ransomware attack. Hackers posted a note in English, asking for ransom to be paid in Bitcoin. Ukraine has repeatedly blamed Russia for the attacks, though Moscow has denied any involvement in such attacks.



Tags


    • Share this blog:
    To enhance your experience on our website, we use cookies to help us understand how you interact with our website. By continuing navigating through Cyware’s website and its products, you are accepting the placement and use of cookies. You can also choose to disable your web browser’s ability to accept cookies and how they are set. For more information, please see our Privacy Policy.