Cyware Daily Threat Intelligence January 7, 2019

Top Breaches Reported in the Last 24 Hours


Singapore Airlines data breach
Singapore Airlines recently suffered a data breach due to a software glitch where PIIs of 278 customers got exposed. The compromised information includes details like names, email addresses, account numbers, membership tier statuses, KrisFlyer miles, recent miles transactions, and upcoming flights. It also leaked passport details of 7 customers. But, no credit card data was compromised.

PIIs of Humana Health Insurance applicants exposed
Humana Health Insurance policy applicants received a major setback when their PIIs got exposed due to a data breach. Names, dates of birth, last 4 digits of Social Security Numbers, and other details got exposed. However, the full Social Security Numbers, health care info, and banking or credit card details were not exposed. Attackers used Banker’s Life employee system credentials to gain access to the websites.  The incident was reported to the federal law enforcement.

Top Malware Reported in the Last 24 Hours


Tampermonkey Extension installed by malware
Opera browser has blacklisted Tampermonkey v4.7.54 which is currently offered on the Chrome Web Store. This is because the extension is being controlled by Windows malware. It prevents the extension from working in the Opera browser. A sample of adware called Gom Player is found installing Chrome Web Store version of Tampermonkey. It is done to facilitate the injection of ads or other malicious behavior.

14 iPhone apps connected to Golduck malware
Wandera researchers found 14 retro gaming apps that communicated with the same server used to control Golduck malware for Android. These apps were loaded with ads that were used to trick users into granting permission for malware installed outside the App Store. The apps are not technically compromised as they don’t contain any malicious codes. But, the backdoor they open presents a risk of exposure.

Top Vulnerabilities Reported in the Last 24 Hours


WordPress bug allowing PHP injection attacks
A severe WordPress flaw is found allowing contributors to conduct PHP Object Injection attacks via crafted metadata. This results in a full system compromise. The bug allows the unauthorized disclosure of information and disruption of service. It is caused by mishandling of serialized data at phar:// URLs in the ‘wp_get_attachment_thumb_file’ function. This flaw can affect WordPress versions since 3.7. So, users are asked to update to WordPress version 5.0.1 immediately.

Critical DoS flaw affecting Yokogawa products
A serious DoS flaw is found to impact several industrial automation products manufactured by Yokogawa Electric. The flaw mainly targets the Open Communication Driver for Vnet/IP, a real-time plant network system for process automation. The vulnerable drive in question is used by many products, including CENTUM CS 3000 and CENTUM VP distributed control systems. Yokogawa has already addressed the flaw by releasing security patches for some of the impacted products. However, some of the affected software versions will not receive patches because they have reached the end of support.

Top Scams reported in the Last 24 Hours


TV Licensing scam email target thousands
Thousands of TV license holders were affected recently by a highly convincing phishing campaign which appears to be sent from UK’s TV Licensing authority. The spoofed emails sent by the fraudsters are designed to trick people into giving up their payment details.  Scammers are found raising concern over an overpayment refund. They mention that they’ll be refunding the overpaid amount to the victims. A link is provided in the email to claim the refund. On clicking, it takes the victims to a website which asks them for payment details. The details are used for identity thefts and hacking bank accounts. More than 5000 complaints about this convincing scam have been received over the last 3 months.






  • Share this blog:
Previous
Cyware Daily Threat Intelligence January 8, 2019
Next
Cyware Daily Threat Intelligence January 4, 2019
To enhance your experience on our website, we use cookies to help us understand how you interact with our website. By continuing navigating through Cyware’s website and its products, you are accepting the placement and use of cookies. You can also choose to disable your web browser’s ability to accept cookies and how they are set. For more information, please see our Privacy Policy.