Cyware Daily Threat Intelligence, February 14, 2022

Roses are red, violets are blue, no matter your defenses, zero-days will allow attackers to get through. One such widely exploited zero-day flaw that resulted in the compromise of over 500 e-commerce sites was disclosed last week. However, Adobe has taken action and released an emergency security patch to address the flaw that affects both Magento Open Source and Adobe Commerce platforms.

Data breach incidents affecting the personal data of millions of users were also reported from across the globe. While a US-based automation firm left the data of around seven million users exposed due to a misconfigured AWS bucket, a Croatian phone carrier disclosed that sensitive data of around 200,000 customers was stolen by threat actors.

Top Breaches Reported in the Last 24 Hours

A1 Hrvatska breached
Croatian phone carrier A1 Hrvatska disclosed a security breach that has impacted roughly 200,000 of its customers. The incident enabled the threat actors to access sensitive personal information such as names, physical addresses, telephone numbers, and personal identification numbers. The company revealed that the attack did not affect its services and operations.

49ers NFL team attacked
The San Francisco 49ers NFL team confirmed a ransomware attack that encrypted the files on its corporate IT network. The attack is the work of the BlackByte ransomware gang, which also claimed responsibility by leaking some stolen files on its site. The firm added that it has taken mitigation steps to contain the attack and has also informed law enforcement agencies.

Emily Frey targeted
Swiss company Emily Frey was hit in an attack by the Hive ransomware group last month. Although it is still unknown if customers’ data was impacted in the incident, the firm, on its part, has taken precautionary measures to restore the affected systems.

Top Malware Reported in the Last 24 Hours

MyloBot evolves
Researchers found a new version of MyloBot that includes several anti-debugging and anti-VM techniques. One of the techniques adopted by the botnet is process hollowing, which allows attackers to replace a process's code with malicious code to evade detection.

Top Vulnerabilities Reported in the Last 24 Hours

Zero-day flaw patched
Adobe has released an emergency security update to address a zero-day vulnerability that is being exploited in the wild. Tracked as CVE-2022-24086, the flaw affects Magento Open Source and Adobe Commerce platforms. It is described as a pre-authentication remote code execution vulnerability and arises due to improper input validation.

Top Scams Reported in the Last 24 Hours

NFT buyers targeted in crypto scams
Researchers have hinted at a rise in crypto scams targeting NFT buyers. One such new scam has been associated with the Babadeda crypter, a new threat aimed at blockchain investors on the Discord app. Scammers are using malicious Discord bots operating with NFT and crypto communities to redirect users to phishing websites that prompt them to download fake desktop applications.

Posted on: February 14, 2022