Cyware Daily Threat Intelligence, December 31, 2020

Share Blog Post

The roller coaster year 2020 is just one day away from being a past thing but the same is not with the Emotet. After ruining Christmas eve, the trojan is back in news for hitting several networks of the National Center for Public Health (NVSC) and municipalities in Lithuania in a massive spear-phishing attack.

America’s popular wireless network operator, T-Mobile, suffered another awful data breach that exposed the personal data of its customers. The incident occurred due to unauthorized access to their systems.

Top Breaches Reported in the Last 24 Hours

140GB data leaked
A database of 140GB, purportedly belonging to Door Controls USA, was leaked on a popular dark web forum. The data included manufacturing blueprints, machine-readable manufacturing code, financial and accounting data, as well as various legal documents.

T-Mobile suffers a data breach
T-Mobile has been hit by a new data breach that exposed the personal data of its customers. The security team discovered malicious unauthorized access to their systems that resulted in the leak of some of their customers’ contact numbers, call records, financial data, credit card information, and passwords of account holders.

The city of Cornelia affected
The city of Cornelia is dealing with a ransomware incident that occurred on December 26. Several phone and email services are currently offline.

Top Malware Reported in the Last 24 Hours

Emotet returns
Several systems at the National Center for Public Health (NVSC) and other municipalities in Lithuania have been infected owing to a large-scale Emotet-phishing attack. According to the alert, the malware infected the computers first and later began sending out fake emails addressed to several state institutions. In response to the infections, NVSC has temporarily shut down its email systems.

Top Vulnerabilities Reported in the Last 24 Hours

DHS’ update on SolarWinds platform
The CISA has ordered all U.S federal agencies to update the SolarWinds Orion platform to the latest version. The update comes in the light of the recent massive supply chain attack that affected several U.S government agencies and corporate firms. The affected versions include 2019.4 HF5, 2020.2 RC1, 2020.2 RC2, 2020.2, and 2020.2 HF1. The updated versions - 2019.4 HF6 and 2020.2.1 HF2 - are designed to protect from both SUNBURST and SUPERNOVA malware.  


national center for public health nvsc
city of cornelia
t mobile
door controls usa
emotet trojan

Posted on: December 31, 2020

Get the Daily Threat Briefing delivered to your email!

More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.

Join Thousands of Other Cyware Followers!