Go to listing page

Cyware Daily Threat Intelligence, January 05, 2021

Cyware Daily Threat Intelligence, January 05, 2021

Share Blog Post

Come 2021 and a new set of vulnerabilities is knocking at the door. A majority of these, nearly 42, has been found and fixed in Google’s Android devices as part of the January 2021 Security Bulletin. Four of these flaws are assigned with ‘Critical’ severity and affect the system component and Media Framework.

Amid the release of security patches, one particular vulnerability affecting Zyxel devices has caught the attention of cybercriminals. Researchers have traced the first attempts of exploitation of the vulnerability that is related to the existence of hardcoded credentials.

A data leak incident by NetWalker ransomware operators has also come to the notice in the past 24 hours and the compromised data is believed to be of US-based NameSouth.

Top Breaches Reported in the Last 24 Hours

NameSouth’s data leaked
Around 3GB archive of data belonging to US-based auto parts shop NameSouth has been publicly leaked following a failed ransom negotiation. Claimed to be an act of the NetWalker ransomware group, the leaked data includes confidential company data such as financial and accounting data, credit card statements, and various legal documents.

JusPay data breach
India-based payments startup Juspay has confirmed a data breach that affected the credit and debit card details of 35 million users. According to researchers, the card data is up for sale on the dark web. The firm is a payment partner for many Indian online platforms such as Amazon, Swiggy, and Makemytrip.

Top Vulnerabilities Reported in the Last 24 Hours

Rock RMS account takeover flaw
Rock RMS, a relationship management system for churches has patched a pair of critical vulnerabilities that can lead to account takeover and remote code execution issues. These flaws are tracked as CVE-2019-18642 and CVE-2019-18643 and score a rating of 9.8 on the CVSS scale.

Zyxel flaw exploit attempt
Security researchers have observed the first attempts of exploiting Zyxel devices using a recently disclosed vulnerability, CVE-2020-29583. The flaw, that affects several Zyxel firewalls and WLAN controllers, arises due to the hardcoded credentials stored in the firmware.

Google addresses 42 flaws
Google has announced fixes for 42 vulnerabilities affecting its Android devices, as part of January 2021 security updates. Four of these flaws are rated critical and affect Android’s system component and Media Framework.

Zend Framework vulnerability
An untrusted deserialization vulnerability discovered in the Zend Framework can be exploited by attackers to achieve remote code execution on PHP sites. The vulnerability, tracked as CVE-2021-3007, impacts some instances of the Laminas project, a successor of Zend.

reCAPTCHA v3 cracked
Researchers have released a PoC for a previously discovered reCAPTCHA v3 attack method that uses voice-to-text to bypass CAPTCHA protection. The attack method, which has a success rate of 97 percent, works by collecting the MP3 file of the audio reCAPTCHA and submitting it to Google’s own speech-to-text API. The attack method can be leveraged by attackers to collect sensitive data from browsers.

 Tags

zend framework
zyxel devices
rock rms
recaptcha v3
juspay

Posted on: January 05, 2021


More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.


Learn More About Cyware Solutions!