Cyware Daily Threat Intelligence December 28, 2018

Top Breaches Reported in the Last 24 Hours

Nova Entertainment breached
Nova Entertainment has suffered from a breach that may have affected personal data of 261,948 Australians. The breach occurred between 2009 and 2011 and the data compromised in the incident includes usernames, passwords residential addresses, birth dates, email addresses, phone numbers, genders of individuals. However, the firm said that no financial information or copies of ID were affected. The radio station also mentioned that no existing systems of Nova were impacted in the breach. The radio station has informed the Office of Australian Information Commissioner(OAIC) and is working closely with law enforcement agencies to resolve the issue. In addition, it is working towards enhancing the security of its systems.

Top Malware Reported in the Last 24 Hours

New Shamoon variant
A new variant of Shamoon disk-wiping malware has surfaced recently. The malware obfuscates detection by behaving like the system optimization tool Enigma version 4. The variant uses a digital signature from Baidu that was issued on March 25, 2016, and expired on March 26, 2016. The malware is capable of deleting files from infected machines and making the machines unbootable. According to researchers, the new sample uses an image of a burning US dollar as a part of its destructive attack. It also disguises as legitimate software such as 'Baidu PC Faster' and 'Baidu WiFi Hotspot Setup'. Threat actors are using the variant to target oil and gas companies in the Middle East as well as small firms in Europe. The malware variant is uploaded on VirusTotal scanning platform from France. 

Top Vulnerabilities Reported in the Last 24 Hours

A flaw in Guardzilla cameras
Researchers have detected a critical security flaw in Guardzilla's indoor surveillance devices. The flaw could allow attackers to access users'stored files and videos. It is found that all of the security cameras use the same hardcoded keys, thus making it easy for the attackers to hack passwords by exploiting the bug. Each device uses the same set of hardcoded keys to upload video recording to the company's Amazon S3 bucket. Hackers can use these keys to gain full access to the company's cloud storage, thereby putting the customers' data at risk. Experts believe that only updating the firmware and keys won't be enough to fix the issue. It requires a complete change of keys and establishing a proxy service. 







  • Share this blog:
Previous
Cyware Daily Threat Intelligence December 31, 2018
Next
Cyware Daily Threat Intelligence December 27, 2018
To enhance your experience on our website, we use cookies to help us understand how you interact with our website. By continuing navigating through Cyware’s website and its products, you are accepting the placement and use of cookies. You can also choose to disable your web browser’s ability to accept cookies and how they are set. For more information, please see our Privacy Policy.