Cyware Daily Threat Intelligence, January 08, 2021

Ransomware continues to dominate the cyber threat ecosystem as attackers chase fast cash. In the same vein, the Ryuk ransomware operators have garnered a fortune of at least $150 million through criminal activities to date. The ransomware strain has targeted high-profile organizations across the world in recent months, accruing millions of dollars in ransom payments.

Moreover, the FBI has issued an advisory warning of Egregor ransomware attacks against private organizations. Equipped with recent extortion methods, the ransomware has so far targeted over 150 organizations, including Barnes and Noble, Crytek, Kmart, and Ubisoft, among others.

Top Breaches Reported in the Last 24 Hours

Hackney Council’s data released
A cybercriminal group called Pysa has published a range of information stolen from Hackney Council in the U.K. on the dark web. This includes sensitive personal data of staff and residents. The data was stolen following an attack in October 2020.

Thousands of O365 inboxes accessed
In a recent notification, the DoJ has confirmed that thousands of its Office 365 email accounts were accessed by SolarWinds attackers last year. After learning of the malicious activity, the OCIO eliminated the attack channel by which the actors were accessing the email environment.

Ryuk amasses $150 million
The operators behind Ryuk ransomware have amassed over $150 million through cyberattacks. Most of the digital currency the group collects is sent to Asia-based exchanges Huobi or Binance, which may help them to escape scrutiny.

Top Malware Reported in the Last 24 Hours

FBI warns about Egregor ransomware
The FBI has issued a security alert about companies being attacked by Egregor ransomware. Threat actors are using phishing emails with malicious attachments to distribute ransomware and gain access to the networks.

Top Vulnerabilities Reported in the Last 24 Hours

Nvidia fixes 16 flaws
Nvidia has issued security patches for 16 security flaws found across its graphics drivers and vGPU software. The vulnerabilities can be exploited to launch DDoS attacks, escalate privileges, tamper with data, or sniff out sensitive data. The most severe of these is CVE-2020-1051, an issue that affects the graphics drivers’ kernel mode layer.

Microsoft issues a micropatch
Microsoft has released a micropatch for a local privilege escalation vulnerability affecting its Windows PsExec management tool. The flaw can enable threat actors to execute arbitrary processes with Local System permissions on targeted machines.

Browser makers issue patches
Makers of the Chrome, Firefox, and Edge browsers are urging users to patch critical vulnerabilities that can be exploited to take over systems. A majority of these are rated high-severity and tied to use-after-free bugs.

Posted on: January 08, 2021

