
Cyware Daily Threat Intelligence January 28, 2019


Top Breaches Reported in the Last 24 Hours

LocalBitcoins hacked
Unauthorized access to LocalBitcoins, a cryptocurrency exchange portal, has resulted in the loss of 7.95205862 bitcoins worth $28,200. The breach occurred on January 26, 2018, and lasted for almost five hours. During that time, users reported being redirected to a page mimicking the LocalBitcoins login page.

Ransomware attack on Akron city
The Ohio National Guard cybersecurity team is working with Akron city government officials to deal with an attack that was launched on the city's digital network. The report says that the hackers had first installed malware to target the city's accounts and steal money. When that attempt failed, the hackers launched ransomware to force the city into paying the money.

Dailymotion hit by an attack
A credential stuffing attack on Dailymotion has resulted in the compromise of several user accounts. Although the number of users affected in the attack is unknown, the firm has asked all its users to reset their passwords in order to regain control of their accounts.

Top Malware Reported in the Last 24 Hours

Remote Desktop Protocol attack
Threat actors are increasingly using network tunneling to bypass protections while performing Remote Desktop Protocol (RDP) attacks. Access to RDP can allow attackers to achieve persistence and establish a connection with a remote server. It can also allow attackers to move laterally through a network. Disabling the remote desktop service when it is not in use and enabling a host-based firewall can prevent such attacks.

Java RAT
Security researchers have spotted two malicious spam campaigns targeting the naval industry sector. Hackers are dropping the infamous Java RAT through these campaigns. Phishing emails that appear to come from administrative personnel of an Italian company in the Hydraulic and Lifting sector are sent to trick the targeted users. Another phishing email impersonating a German logistics company, 'Dederich Spedition', is also being used to target users.

Top Vulnerabilities Reported in the Last 24 Hours

Vulnerable Cisco routers
Disclosure of proof-of-exploit code for security bugs in Cisco routers for small businesses has enabled hackers to scan for vulnerable devices. Tracked as CVE-2019-1652 and CVE-2019-1653, the flaws exist in the routers' web management interface. More than 9,500 Cisco RV320/RV325 routers are expected to be affected by the information disclosure glitch, most of them in the United States.

Total Donations plugin flaw
A zero-day flaw has been discovered in the 'Total Donations' plugin. The flaw can allow attackers to take control of WordPress sites and modify the destination accounts of donations received through the plugin.

ES File Explorer flaw
A vulnerability has been discovered in the ES File Explorer app. It can allow hackers to download or steal files from your phone. The app has over 100 million downloads worldwide. According to researchers, ES File Explorer launches an HTTP server on port 59777. Attackers can use the port to inject a JSON payload.


Posted on: January 28, 2019

