Cyware Daily Threat Intelligence, December 09, 2020

Top Breaches Reported in the Last 24 Hours

FireEye hacked
FireEye announced that it was hacked, allegedly by Russian hackers. The firm stated that the attackers had used “novel tools” to evade security tools and forensics. The hackers made off with red team tools that imitate the most sophisticated hacking tools.

Animal Jam breached
Animal Jam, a free-to-play pet simulator, suffered a data breach, resulting in the theft of more than 50 million player records. A database consisting of 900,000 player records, including email addresses and hashed passwords, is being sold on a hacker forum. Another 100,000 records have been leaked as a proof-of-concept sample. 

APT28 in action
APT28, a Russian-backed threat group, had reportedly brute-forced several Norwegian Parliament email accounts in August. A limited number of email accounts of employees and representatives were stolen, although the nature of the stolen data has not been disclosed. 

Fax company database leak
Fax Express, a New Jersey fax company, had more than 500,000 customer emails and passwords leaked on a Russian hacking forum. The database leak originated from cit0day.in leaks, a private service for cybercriminals. 

  
Top Malware Reported in the Last 24 Hours

Phorpiex botnet activity surges
Check Point researchers reported a rise in infections caused by the Phorpiex botnet. Infamous for cryptomining and sextortion spam campaigns, the botnet has been discovered spreading the Avaddon ransomware.

Easy reinstall malware
Sansec researchers discovered malware that is nearly impossible to remove, deployed on various Magento-powered online stores and set to automatically activate on Black Friday. The Magecart actors targeted Magento versions 2.2.3 to 2.2.7 to inject backdoors and credit card stealer scripts.


Top Vulnerabilities Reported in the Last 24 Hours

Bugs in all Kubernetes versions
A medium-severity security bug in Kubernetes, tracked as CVE-2020-8554, can be remotely abused by attackers with basic tenant permissions to conduct low-complexity attacks. The design flaw affects all versions of Kubernetes with multi-tenant clusters. The Kubernetes Product Security Committee has provided advice on how to temporarily block attackers from abusing this bug.


Top Scams Reported in the Last 24 Hours

Stealing Target gift cards
Scammers are luring victims to fake sites to check the balance on their Target gift cards. While some crooks have gone to the extent of making a fake website eerily similar to the legitimate one, others have registered a targetgiftscard[.]com domain.

Posted on: December 09, 2020

