Cyware Daily Threat Intelligence January 4, 2019

Top Breaches Reported in the Last 24 Hours


Luas Tram system website hacked
The website of Dublin’s Luas tram system was recently hacked by cybercriminals. The company informed customers of the incident and said a malicious message had been placed on the home page, where it was visible to early visitors to the domain. The attackers demanded 1 Bitcoin ($3,843) to be paid within the next 5 days, or the stolen data would be published. Experts believe the Luas payment website, which passengers use to pay for fare violations, has not been affected.

FoodPanda breach
Ola-owned food delivery platform FoodPanda was recently breached, exposing customers’ personally identifiable information (PII) in plaintext. Personal data such as name, address, mobile number, and email ID was leaked. The flaw was identified by a Jalandhar-based cybersecurity researcher who immediately contacted the company and had the bug fixed. This type of data is a tempting target for threat actors looking for lucrative data.

Top Malware Reported in the Last 24 Hours


MobSTSPY disguised as legitimate Android apps
Security researchers found spyware, dubbed MobSTSPY, disguised as legitimate Android apps on the Play Store. These apps have already been downloaded 100,000 times in 196 nations. The apps in question include Flappy Birr Dog, HZPermis Pro Arabe, FlashLight, Win7imulator, Win7Launcher, and Flappy Bird. The spyware can steal user data, call logs, and clipboard items. It uses Firebase Cloud Messaging (FCM) to send information to its server. Additional credentials are gathered via phishing attacks. MobSTSPY was found to have the most impact on users from India. As of now, Google has removed all the fake apps from the Play Store.

Top Vulnerabilities Reported in the Last 24 Hours


Authentication bypass flaw in Skype app
A new authentication bypass flaw has been found in Skype for Android. The flaw can allow anyone in possession of the victim’s phone to bypass the phone’s lock screen, access all its files and contacts, and even launch browser windows. The browser can be opened by tapping links in a sent message. The bug affects Skype on all versions of Android and exists due to coding failure and bad design in the app.

Widevine L3 DRM hacked
The L3 level of protection in Google’s Widevine DRM technology was recently cracked. This can allow someone to decrypt content transferred via DRM-protected multimedia streams, which include Netflix, HBO, Hulu, and others. The cause is that the whitebox AES-128 cryptography used by the Widevine L3 platform is vulnerable to the differential fault analysis (DFA) attack.

CleanMyMac X privilege escalation bugs fixed
Multiple privilege escalation bugs in MacPaw’s CleanMyMac X software were fixed. The helper functions, which run as root, can be accessed by applications without validation. As a result, an attacker with local access to the victim machine can modify the file system as root. Users should update to CleanMyMac X v4.2.0.





