Cyware Daily Threat Intelligence, August 03, 2020


A rare Prototype Pollution flaw that affected the jQuery JavaScript library has now been found impacting Node.js servers. Researchers demonstrated that the flaw can open the door to Distributed Denial of Service (DDoS) attacks and, in some cases, remote shell access. The flaw has been fixed after researchers reported it to the developers of express-fileupload, a Node.js package with more than seven million downloads.

In the last 24 hours, a text message scam that has so far targeted hundreds of UK residents has also come to light. The message uses COVID-19 as bait to trick victims into visiting a fake website that offers free TV licenses. The ultimate goal of the scam is to harvest personal data such as names, dates of birth, home addresses, and banking details from users.

Top Breaches Reported in the Last 24 Hours

2gether hacked
A cryptocurrency trading platform, 2gether, has faced a cyberattack in which threat actors siphoned off €1.183 million (approximately $1.3 million) from its investment accounts. The incident has also impacted user passwords. However, no financial details, general wallets, or Euro accounts were impacted by the breach.

Havenly discloses a breach
A US-based interior design website, Havenly, has disclosed a data breach after the ShinyHunters threat actor group posted a database containing 1.3 million user records for free on a hacker forum. The compromised data included users’ login names, full names, MD5 hashed passwords, email addresses, phone numbers, and zip codes.

Top Vulnerabilities Reported in the Last 24 Hours

Grandstream flaws
Multiple high-severity flaws discovered in the Grandstream HT800 series of Analog Telephone Adaptors (ATAs) can open analog telephone devices and other IP-based communications infrastructure to eavesdropping and device takeover. The bug, tracked as CVE-2020-5760, scores 7.8 on the CVSS scale. It can be exploited by tricking users into opening a specially crafted message sent by attackers.

Update on Prototype Pollution flaw
In a recent discovery, a flaw in the express-fileupload library can allow hackers to stage Prototype Pollution attacks on Node.js servers. The flaw can lead to DDoS attacks and, in some cases, remote shell access.

Top Scams Reported in the Last 24 Hours

Free TV license scam
Researchers have uncovered a text message scam that offers a free TV license. The message makes use of COVID-19 as bait to trick users into visiting a fake website that uses official TV license branding. The ultimate goal of the scam is to harvest personal data such as names, dates of birth, home addresses, and banking details from users. According to Parliament Street researchers, hundreds of UK consumers have already been targeted by the scam.


Posted on: August 03, 2020
