Go to listing page

Cyware Daily Threat Intelligence January 23, 2019

Cyware Daily Threat Intelligence January 23, 2019

Share Blog Post

Top Breaches Reported in the Last 24 Hours

4 million applications exposed
AEISEC, a non-profit organization has exposed over four million intern applications on a server without a password. The information was stored on an unprotected ElasticSearch database. Researchers believe that the data exposed in the leak include email addresses, full names, birth dates and gender of applicants. The database also contained an in-depth description of applicants' reasons for applying for the internship. Upon discovery of the leak, the firm was quick at taking action and secured the unprotected database. 

BlackRock data breach
BlackRock, the world's largest asset manager, has inadvertently exposed posted sensitive information of its financial adviser clients on its website. The leaked data was available on three spreadsheets and reportedly included names, email addresses and iShares assets of thousands of advisers. There was also a column in the spreadsheet titled 'Club Level' and included labels such as 'Patriot Club' and 'Directors Club'.

Top Malware Reported in the Last 24 Hours

100,000 malicious URLs removed
Abuse.ch team has taken down over 100,000 malicious URLs along with the help of information security(infosec) community. The team included around 256 researchers who worked together for 10 months in order to make it a successful operation. A vast majority of URLs were found to hosting prolific malware such as Emotet and Gozi trojans and GandCrab ransomware. The researchers collected about 380,000 malware samples over the past ten months and almost 16,000 of them were payloads for Emotet trojan. Around 13,000 payloads were found to be related to Gozi trojan and little over 6,000 samples belonged to GandCrab ransomware.

Top Vulnerabilities Reported in the Last 24 Hours

Cisco patches CVE-2018-15439
Security patch for a critical vulnerability - dubbed as CVE-2018-15439 - in Cisco's small business switches software has been released by the firm. The vulnerability affected Cisco's software version 1.4.9.04 and could allow a remote attacker to bypass a device's authentication mechanism. The flaw could also allow the attacker to execute arbitrary commands with full admin rights.

Adobe patches XSS vulnerabilities
Adobe has released security patches for two cross-site scripting vulnerabilities (CVE-2018-19726 and CVE-2018-19727) that were discovered in Adobe Experience Manager (AEM) products. The flaws could result in the disclosure of sensitive information. 

Flaws in Omron HMI products
The HMI products of Omron was found to be infected by a remote code execution flaw. The flaw can be exploited via malicious project files and could enable attackers to inject random codes on the vulnerable installations of Omron. Apart from that, several other flaws that can trigger DDoS attacks on the systems were also found by researchers. 



 Tags

unprotected elasticsearch database
gandcrab ransomware
sensitive information
gozi trojan
cross site scripting vulnerabilities
remote code execution flaw

Posted on: January 23, 2019


More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.

The Virtual Cyber Fusion Suite