Cyware Daily Threat Intelligence, August 10, 2020

Share Blog post

Vulnerable Content Management Systems (CMSes) can turn into a virtual goldmine for threat actors, who are looking to execute mass-scale attacks through CMS-powered websites. In a new revelation, researchers have demonstrated that around 20 popular CMSes are impacted by more than 30 vulnerabilities, ranging from remote code execution issues to cross-site-scripting. The vulnerable CMSes include Microsoft SharePoint and Atlassian Confluence.

The terror of ransomware attacks also made headlines in the last 24 hours. The ventilator manufacturer, Boyce Technologies was attacked by DoopelPaymer ransomware, resulting in the loss of confidential data and a slowdown in production. The attackers have leaked a portion of sales and purchase orders and assignment forms related to the firm, to push their ransom demand.

Top Breaches Reported in the Last 24 Hours

Boyce Technologies attacked
The ventilator manufacturer, Boyce Technologies, has been hit by the DoppelPaymer ransomware. The gang has leaked a portion of data stolen from the firm, which includes sales and purchase orders and assignment forms to support its claim. It has further threatened to leak more data in the following week if the firm refuses to pay the ransom.

Top Malware Reported in the Last 24 Hours

FBI warns about attack
The Federal Bureau of Investigation (FBI) has warned about cyberattacks linked with a  hacker group known as Fox Kitten. To reach its goal, the group relies on recently disclosed vulnerabilities. So far, it has exploited vulnerabilities in Pulse Secure "Connect" enterprise VPNs, Palo Alto Networks "Global Protect" VPN servers and Citrix "ADC" servers and Citrix network gateways. Lately, it is targeting vulnerable F5 networks to launch attacks

Top Vulnerabilities Reported in the Last 24 Hours

Over 30 flaws in 20 CMS
Researchers have identified more than 30 vulnerabilities across 20 popular Content Management Systems (CMSes). The flaws range from remote code execution issues to cross-site scripting (XSS). The affected CMS platforms include the likes of Microsoft SharePoint, Craft CMS, and Atlassian Confluence, among others.

Bypassing scanners
At the DEFCON security conference, a security researcher demonstrated the vulnerabilities in different fingerprint scanners. The vulnerabilities can be abused to bypass biometric authentication, enabling hackers to extract data stored on devices.

Flawed Zoom fixed
Video conferencing app, Zoom, has addressed several security vulnerabilities that could have allowed threat actors to exfiltrate user data. Two of these flaws affected its Linux client and were fixed with the release of version 5.2.4.



 Tags

microsoft sharepoint
doopelpaymer ransomware
content management systems cmses
atlassian confluence
boyce technologies

Posted on: August 10, 2020

Get the Daily Threat Briefing delivered to your email!


More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.


Join Thousands of Other Cyware Followers!