Go to listing page

Cyware Daily Threat Intelligence February 15, 2019

Cyware Daily Threat Intelligence February 15, 2019

Share Blog Post

Top Breaches Reported in the Last 24 Hours

127 million records are on sale
A new batch of 127 million user records, originating from eight companies, has been put for sale on Dream Market forum. The individual involved in the selling of this data goes by the name of Gnosticplayers. The eight companies that have been breached are Ge.tt, Ixigo, Roll20.net, Houzz, Coinmama, Younow, StrongHoldKingdoms and Petflow. 

SenseNets' data leak
A China-based company named SenseNets has exposed the personal information of 2,565,724 users. The data leak occurred due to an unsecured MongoDB database that was left exposed online without authentication. The data leaked in the incident includes users' names, ID card numbers, ID card issue dates, nationality, home addresses, dates of birth and photos. 

Coffee Meets Bagel data breach
Dating app Coffee Meets Bagel has suffered a data breach, resulting in the compromise of personal data of 6 million users. The breach occurred after hackers gained unauthorized access to its network. The compromised information includes only names and email addresses shared with the app before May 2018. 

Top Malware Reported in the Last 24 Hours

A new variant of Shlayer malware
Security researchers have come across a new variant of Shlayer trojan. It is capable of escalating privileges and disabling the Gatekeeper protection mechanism to run unsigned second-stage payloads. The malware affects all macOS versions from 10.10.5 to 10.14.3. It is distributed via fake update pop-ups. Most of the samples of this new Shlayer variant are propagated in the form of DMG files. However, there are few samples that are delivered in PKG, ISO, and ZIP files. 

Emotet trojan evolves
The Mealybug threat actor group has enhanced the capabilities of Emotet trojan. They are distributing the trojan into different ways: First, via a URL hosted on attacker-controlled infrastructure; Second, as an email attachment. Once launched, the malware connects to a list of URLs - that connects to the attackers' C2 servers - to receive further instructions.

Top Vulnerabilities Reported in the Last 24 Hours

OKCupid app flaw
A critical flaw in the OKCupid dating app that can allow attackers to steal credentials or launch man-in-the-middle attacks, has been discovered by security experts. The flaw exists in the WebView feature of the dating app. By exploiting the flaw, the attackers can even gain access to a user's email address, date of birth, country, and ZIP code.

Microsoft Patches 74 bugs
In its February 2019 Patch Tuesday, Microsoft has released security patches for more than 70 vulnerabilities discovered across its multiple products. The patches include fixes for a zero-day Internet Explorer vulnerability and a PrviExchange flaw in Exchange Server. Out of 74 vulnerabilities, 20 have been marked as critical. Users are urged to apply the Microsoft Patch Tuesday update immediately. 

SAP releases security patches
A collection of security patches was released by SAP to address 13 flaws in its products. One of the patches released is for a Hot News flaw in SAP HANA Extended Application Services (XSA). The flaw affects XS Advanced selected versions in SAP HANA 1 and HANA 2.


mealybug threat actor group
unsecured mongodb database
zero day internet explorer vulnerability
emotet trojan
shlayer malware
prviexchange flaw

Posted on: February 15, 2019

More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.