Go to listing page

Cyware Daily Threat Intelligence, January 12, 2022

Cyware Daily Threat Intelligence, January 12, 2022

Share Blog Post

Applying security patches on time offers better security against malware attacks and with that intent several software vendors have rolled out security updates for various vulnerabilities affecting their products. Microsoft kickstarted this year’s first Patch Tuesday with fixes for 97 security flaws. On the other hand, SAP and Adobe addressed over ten flaws and 41 vulnerabilities respectively. Mozilla has also issued three security advisories that cover updates for 18 CVEs.

Cybercriminals have also heightened their attacks on cloud services as a new report reveals details about sophisticated campaigns being launched to distribute Nanocore, Netwire, and AsyncRAT. A new multi-platform backdoor named SysJoker is also in news for targeting Windows, Linux, and Mac systems since December 2021.

Top Breaches Reported in the Last 24 Hours

Panasonic confirms a cyberattack
Tech giant Panasonic has confirmed that one of its servers has been targeted in a cyberattack. This has affected the personal information of job applicants. The hackers had gained unauthorized access to the Panasonic file server located in Japan via an overseas subsidiary, between June 2021 and November 2021. Among other data, the details of business partners were also accessed.

Top Malware Reported in the Last 24 Hours

New SysJoker backdoor
A new multi-platform backdoor, named SysJoker, that targets Windows, Mac, and Linux has been discovered by researchers. The malware was first discovered in December 2021 during an active attack against a leading educational institution. It masquerades as a system update and generates its C2 by decoding a string retrieved from a text file hosted on Google Drive.

RedLiner Stealer re-appears
A new attack campaign that leveraged the COVID Omicron variant as a lure was found distributing RedLine Stealer. Based on the researchers’ telemetry, the campaign has infected users across 12 countries. The malware harvests credentials and cookies from different browsers, among other system information.

RATs distributed via cloud services
In a new report, researchers have revealed that threat actors are actively incorporating public cloud services from Amazon and Microsoft into their malicious campaigns to deliver a variety of RATs. The malware distributed are Nanocore, Netwire, and AsyncRAT, which are used to siphon sensitive information from compromised systems.

Top Vulnerabilities Reported in the Last 24 Hours

Microsoft patches 97 flaws
Microsoft has issued security updates for 97 flaws as part of the January Patch Tuesday. Six of these are zero-day vulnerabilities with none of them being actively exploited in the wild. Forty-one of the total addressed flaws are related to Privileges escalation vulnerabilities; nine can lead to DoS attacks.

Adobe addresses 41 flaws
Adobe has issued security updates for 41 vulnerabilities affecting Acrobat, Reader, Illustrator, Bridge, and Indesign, among other products. Twenty-six of these vulnerabilities were found in Acrobat and Reader. An attacker can exploit these flaws by tricking victims into opening a specially crafted PDF.

Mozilla fixes 18 flaws
Mozilla has released three security advisories, covering 18 CVEs. Nine of these vulnerabilities are critical and affect Thunderbird 91.5, Firefox ESR 91.5, and Firefox 96.

CISA adds 15 more vulnerabilities
CISA has updated its list of highly exploited vulnerabilities with 15 more security flaws. The new list includes the Log4Shell vulnerability which represents a significant risk to federal organizations.

SAP patches Log4Shell vulnerability
After patching 20 out of 32 applications affected by Log4Shell vulnerability, SAP has published 11 new security notes for 21 more applications in this month’s security updates. These applications are affected by Log4Shell vulnerability, a cross-site scripting flaw, and a code-injection flaw.

ICS patch Tuesday
The first round of security advisories released by Siemens and Schneider Electric in 2022 addresses a total of 40 vulnerabilities. While Siemens has released five advisories of 14 flaws, Schneider Electric has patched 26 vulnerabilities.

Millions of routers impacted by a flaw
A vulnerability in the NetUSB kernel module impacts millions of routers worldwide. Tracked as CVE-2021-45608, the flaw can allow remote attackers to take control of devices. The flaw impacts routers manufactured by Netgear, TP-Link, Tenda, D-Link, and Western Digital. A patch to fix the flaw has been issued by the firm.

 Tags

panasonic corporation
netwire malware
log4shell vulnerability
netusb kernel module
schneider electric products
nanocore
asyncrat
thunderbird 915
redliner stealer
sysjoker

Posted on: January 12, 2022


More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.