
Cyware Daily Threat Intelligence January 3, 2019


Top Breaches Reported in Last 24 Hours

Popsugar's Twinning app leaks data
Popsugar's popular photo-matching app has been found to leak a huge number of photos belonging to its users. The photos were uploaded to an unsecured database hosted on Amazon Web Services. The leak was discovered when an Amazon Web Services storage bucket URL was noticed in the source code of the Twinning web app.

BlankMediaGames hacked
BlankMediaGames, developer of the online browser-based role-playing game 'Town of Salem', has been hacked, resulting in the compromise of data belonging to about 7 million users. The information breached in the hack includes emails, passwords and IP addresses of users. This is the first time that the company has suffered an attack from hackers.

Blur password manager data breach
A misconfigured Amazon S3 storage bucket has exposed the data of nearly 2.4 million Blur password manager users. The exposed information includes email addresses, IP addresses and encrypted Blur passwords of users. There is no evidence that auto-fill credit card details, Masked Emails, Masked Phone numbers, Masked Credit Card numbers, or payment details were exposed in the breach.

Top Malware Reported in Last 24 Hours

New NRSMiner variant
A new version of the NRSMiner cryptocurrency mining malware has been detected recently. It uses the EternalBlue exploit to propagate to targeted systems. The miner is capable of mining Monero cryptocurrency, downloading updated modules, and deleting the files and services installed by its previous version. The malware can reach a targeted system in two ways. The first is downloading the updater module onto a system that is already infected with a previous version. The second is exploiting unpatched systems. The new NRSMiner variant has been found targeting network systems located in Asia. Most of the infected systems are in Vietnam.

Top Vulnerabilities Reported in Last 24 Hours

New unCaptcha bypasses reCAPTCHA
The new unCaptcha automated system has managed to bypass the Google reCAPTCHA mechanism even after major security updates. The unCaptcha system, which was introduced in 2017, has been improved and is now able to bypass the audio challenges presented by reCAPTCHA, the mechanism meant to protect websites from abuse. The new version of the tool could also be used to evade security systems on Yahoo, BotDetect and PayPal image challenges. The new unCaptcha parses the audio of the audio challenge and types the answer directly into the response box.

UDisks vulnerability
An uncontrolled format string vulnerability has been observed in udisks_log. The bug allows unauthorized disclosure of information, unauthorized modification and disruption of service. To fix the flaw, it is recommended to install the SUSE security update using methods such as YaST online_update or 'zypper patch'. Alternatively, users can run the command listed for their product; for SUSE Linux Enterprise Module for Basesystem 15, the command is 'zypper in -t patch SUSE-SLE-Module-Basesystem-15-2018-2356=1'.


Posted on: January 03, 2019

