Go to listing page

Cyware Daily Threat Intelligence, February 15, 2021

Cyware Daily Threat Intelligence, February 15, 2021

Share Blog Post

The dangerous water supply attack in Florida has put a spotlight on organizations using obsolete software. In this regard, the FBI has issued an advisory for federal organizations and private companies about the potential threats of outdated Windows systems and TeamViewer software.

The ongoing phishing campaign on Facebook has also raised concerns over users’ data privacy. The viral ‘Is that you’ scam, which started in 2017, has added a new list of victims from the U.K, taking up the overall count to over 450,000.

Top Breaches Reported in the Last 24 Hours

Yandex breached
Russian internet giant Yandex has revealed a data breach after a malicious insider got access to the accounts of thousands of its customers. The incident has affected around 4,887 mailboxes. However, no payment details held by Yandex have been compromised.

Update on Oldsmar attack
The FBI has warned federal government agencies and private companies about the potential threats posed due to the use of outdated Windows 7 systems and TeamViewer software. The alert comes on the heels of a recent attack on the Oldsmar water treatment plant’s network.

Canadian rental car company hit
The DarkSide ransomware gang has stolen 120 GB of data after disrupting the website of the Canada-based Discount Car and Truck Rentals company. Meanwhile, a team of security experts is working on investigating and restoring services quickly.

Top Vulnerabilities Reported in the Last 24 Hours

VMware issues patches
VMware has issued patches for a serious vulnerability affecting its vSphere Replication product. The security hole is tracked as CVE-2021-21976 and can be abused to allow an authenticated admin user to perform remote code execution.

Top Scams Reported in the Last 24 Hours

IRS warns about scams
The Internal Revenue Service (IRS) has alerted U.S. taxpayers about an ongoing phishing campaign that steals both personal and financial information. Scammers are using the IRS name and/or logo to dupe people into giving access to their data. The IRS has also warned of additional malware getting installed through these phishing links and attachments, such as a keylogger, which would steal the victim’s login credentials.

New update on Facebook phishing
The viral ‘Is that you’ Facebook phishing campaign has now spread to the U.K, adding another 20,000 victims since its launch on January 26. The campaign involves threat actors sending private Facebook messages to unsuspecting users, claiming to have found a video or image with the victim featured in it.


 Tags

darkside ransomware gang
yandex
oldsmar attack
vmware
teamviewer software

Posted on: February 15, 2021


More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.