Cyware Daily Threat Intelligence, February 15, 2021

The dangerous water supply attack in Florida has put a spotlight on organizations using obsolete software. In this regard, the FBI has issued an advisory for federal organizations and private companies about the potential threats of outdated Windows systems and TeamViewer software.

The ongoing phishing campaign on Facebook has also raised concerns over users’ data privacy. The viral ‘Is that you’ scam, which started in 2017, has added a new list of victims from the U.K, taking up the overall count to over 450,000.

Russian internet giant Yandex has revealed a data breach after a malicious insider got access to the accounts of thousands of its customers. The incident has affected around 4,887 mailboxes. However, no payment details held by Yandex have been compromised.

The FBI has warned federal government agencies and private companies about the potential threats posed due to the use of outdated Windows 7 systems and TeamViewer software. The alert comes on the heels of a recent attack on the Oldsmar water treatment plant’s network.

The DarkSide ransomware gang has stolen 120 GB of data after disrupting the website of the Canada-based Discount Car and Truck Rentals company. Meanwhile, a team of security experts is working on investigating and restoring services quickly.

VMware has issued patches for a serious vulnerability affecting its vSphere Replication product. The security hole is tracked as CVE-2021-21976 and can be abused to allow an authenticated admin user to perform remote code execution.

The viral ‘Is that you’ Facebook phishing campaign has now spread to the U.K, adding another 20,000 victims since its launch on January 26. The campaign involves threat actors sending private Facebook messages to unsuspecting users, claiming to have found a video or image with the victim featured in it.