Cyware Daily Threat Intelligence February 12, 2019


Top Breaches Reported in the Last 24 Hours

Israeli government websites hacked
Multiple Israeli government websites were reportedly down for 45 minutes due to a possible DDoS attack. Websites under the 'gov[.]il' domain, including those of the Foreign Ministry, Defense Ministry, and Public Security Ministry, were affected in the incident. A few websites kept working, though slowly, despite the attack. These included the domains belonging to the Education Ministry, Finance Ministry, Transport Ministry, and Health Ministry. Experts believe that it may just be a high volume of traffic that is causing the websites to underperform. Most of them suspect Iran-based threat actors to be behind this incident.

Top Malware Reported in the Last 24 Hours

'Automatic 4K/HD for YouTube' extension removed
Google has removed a popular extension named 'Automatic 4K/HD for YouTube' from the Chrome Web Store. The extension was found spamming users with unwanted pop-up ads. The pop-ups appeared in GIF format and advertised another extension named 'Adblocker for Chrome - NoAds'. The pop-ups abused Chrome's ability to show desktop notifications and the permissions held by extensions.

Two phishing email campaigns
Researchers have come across two phishing email campaigns that were conducted in the past week. One of the phishing emails masqueraded as a message from a Bulgarian bank and the other masqueraded as a message from Microsoft Office 365. The URLs included in the emails used legitimate services or compromised domains for their links in order to bypass email filters.

Top Vulnerabilities Reported in the Last 24 Hours

Breakout security flaw
Researchers have discovered a container breakout security flaw in the runC container runtime and Kubernetes. The flaw (CVE-2019-5736) can allow an infected container to overwrite the host runC binary and gain root-level privileges. The flaw has been marked 7.2 (out of 10) on the CVSS scale.

A new version of Debian released
A new version of the Debian-based antiX MX (antiX MS 18.1) operating system has been released following the discovery of security bugs in the latest Debian Stable repositories. The update comes with up-to-date components from the Debian GNU/Linux 9.7 'Stretch' repositories. antiX MS 18.1 is available for download as 64-bit and 32-bit live ISO images. 

macOS privacy protection bypass flaw
A potential privacy protection bypass flaw has been discovered in macOS Mojave. The flaw can allow attackers to access data stored in restricted folders and view the contents of a victim's browsing history. macOS Mojave releases up to 10.14.3 are affected by the flaw.


Posted on: February 12, 2019
