
Cyware Daily Threat Intelligence, December 15, 2021


The Log4j flaw looms large over this month’s security updates. SAP addressed the critical vulnerability in 20 of its applications, while 12 other applications remain vulnerable. Meanwhile, patches for a second vulnerability involving Apache Log4j have been released as experts accelerate efforts to patch the original Log4Shell vulnerability. The second flaw can be exploited to launch a DoS attack on systems using a specific version of Log4j.

In other major security updates, Microsoft issued patches for a total of 67 vulnerabilities, six of which are zero-days. Adobe also released advisories for more than 60 security flaws affecting multiple products running on Windows and macOS machines.

Top Breaches Reported in the Last 24 Hours

Ransomware hits gas distributor
Propane gas distributor Superior Plus Corp was hit by a ransomware attack on December 12 that temporarily disabled some of its systems. The firm is investigating the matter and has no evidence that any data was stolen.

Telecom industry targeted
Researchers have spotted a new espionage campaign targeting telecommunications and IT service providers in the Middle East and Asia. The campaign, which has been active for six months, is associated with the SeedWorm APT group. It makes use of spear-phishing emails and targets vulnerable Microsoft Exchange servers, which are later used to deploy web shells. Organizations in Israel, Jordan, Kuwait, Saudi Arabia, the UAE, Pakistan, Thailand, and Laos have been targeted in the campaign.

OAG discloses an attack
The Oregon Anesthesiology Group (OAG) disclosed a ransomware attack that occurred in July. The breach affected the information of 750,000 patients and 522 current and former employees. The attack was likely launched by the HelloKitty ransomware group.

Top Vulnerabilities Reported in the Last 24 Hours

Microsoft fixes 67 new flaws
Microsoft issued patches for 67 new flaws, including six zero-day vulnerabilities, as part of this month’s Patch Tuesday updates. The most severe of these is the spoofing zero-day vulnerability (CVE-2021-43890) that has been exploited in the wild to distribute Emotet, TrickBot, and BazarLoader.

Second Log4j flaw fixed
Apache has fixed a second vulnerability involving Apache Log4j that exists because the fix in Apache Log4j 2.15.0 was incomplete in certain configurations. The flaw, tracked as CVE-2021-45046, can allow attackers to launch DoS attacks through specially crafted data. The issue has been fixed in Log4j 2.16.0.

Adobe fixes over 60 flaws
Adobe has addressed over 60 vulnerabilities affecting multiple products. These vulnerabilities can be exploited for code execution, privilege escalation, and DoS attacks. The company said none of these flaws have been exploited in the wild.

SAP working on Log4Shell flaw
SAP has identified a total of 32 applications that are affected by the Log4Shell vulnerability. While patches for 20 applications have been shipped, the remaining 12 applications remain vulnerable. The Log4Shell vulnerability can be exploited by attackers to gain control of the affected systems.


Posted on: December 15, 2021

