Go to listing page

Cyware Daily Threat Intelligence February 13, 2019

Cyware Daily Threat Intelligence February 13, 2019

Share Blog Post

Top Breaches Reported in the Last 24 Hours

Dunkin' Donuts hacked
Dunkin'Donuts has suffered a credential stuffing attack resulting in the compromise of accounts of some of its customers. This is the second time that the coffee shop has been attacked in three months. Hackers used user credentials leaked at other sites to gain entry to DD Perks rewards accounts. 

LandMark White data breach
A major breach at LandMark White, the popular valuation firm may have affected the personal data of around 100,000 customers. The data compromised in the breach includes names, residential addresses, and contact numbers of homeowners, residents, and property agents. Commonwealth Bank of Australia is contacting more than 20,000 of its customers in the wake of this breach.

VFEmail attacked
VFEmail, a security-focused email provider, has suffered a catastrophic attack. Unknown attackers have wiped out data from all of its US servers. The threat actors had formatted all the disks on every server. So, every VM is lost, along with many file servers and backup servers.

Top Malware Reported in the Last 24 Hours

New DNS cache poisoning attack
A new DNS cache poisoning attack which exploits a flaw in mDNSResponder has been spotted by security researchers. The possible attack was first examined on Android and Ubuntu Linux. Attackers can launch the attack by poisoning the DNS cache without any root or admin privileges using a malicious DNS mapping.

Malicious USB cable
A security researcher has developed a malicious USB cable that can receive commands from a nearby smartphone and later execute them on a PC to which it is connected. The USB cable attack can be executed on Windows, Mac, Linux, and iOS systems. 

A new variant of Trickbot
The latest variant of Trickbot trojan has been updated to target the Virtual Network Computing (VNC), PuTTY, and Remote Desktop Protocol (RDP) platforms. It is delivered to the target's computer in the form of a tax incentive notification email. This email comes attached with an Excel spreadsheet that contains malicious macros.

Top Vulnerabilities Reported in the Last 24 Hours

Adobe releases security updates
Adobe has released security patches to fix different bugs across its multiple products. The released patches include fixes for bugs in Flash Player, Creative Cloud Desktop Application, and ColdFusion. These flaws, if exploited, can lead to code execution, information disclosure, or privilege escalation.

Siemens issues security advisories
Siemens has released 16 security advisories for several industrial control and utility products. The advisory includes a warning for a critical flaw (CVE-2018-3991) in the WibuKey digital rights management (DRM) solution that affects the SICAM 230 process control system. The flaw can cause a heap overflow, potentially leading to remote code execution.

WordPress Plugin flaw
A bug in social sharing plugin named 'Simple Social Button' has been discovered by researchers. The bug in the plugin, which is installed on more than 40,000 WordPress sites, can enable an attacker to create new accounts on a site. Later, the attackers can modify the main settings of the WordPress site. 

Top Scams Reported in the Last 24 Hours

Romance Scam
A Nigeria-based criminal gang called 'Scarlet Widow' is leveraging a new romance scam to target lonely people. Scammers have created fake profiles, that utilize stolen pictures, fake names, personalities, and backstories to lure the targeted users. They have created their accounts on social media sites and dating sites to attract potential victims. The dating sites used for this purpose are such as Dating4Disabled[.]com, Farmers Dating Site, and DivorcedPeopleMeet[.]com. The scam is all about stealing money. Once a relationship is established, the scammers tell their victims that they are having financial difficulty and need financial assistance.

 Tags

romance scam
credential stuffing attack
malicious usb cable
trickbot trojan
security updates
dns cache poisoning attack

Posted on: February 13, 2019


More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.

The Virtual Cyber Fusion Suite