Cyware Daily Threat Intelligence, July 04, 2022

Django is among the top Python web frameworks today and is used by some top brands in the U.S. The team behind it has recently addressed a high-severity flaw that could allow an unauthorized third party to attack Django web apps. Making the headlines is a fresh alert by the CISA to patch a Windows Local Security Authority (LSA) spoofing vulnerability, which it had removed from its exploited vulnerabilities list in May.

Besides, insider risk is an ongoing challenge that cannot be overlooked. HackerOne was informed by an unnamed customer about a suspicious vulnerability disclosure. During the investigation, an employee was found guilty of an attempt to receive monetary payouts by stealing vulnerability reports.


Top Breaches Reported in the Last 24 Hours


Insider threat compromises vulnerability reports
At HackerOne, an employee was found leaking vulnerability disclosure reports submitted to the platform by its partners. The leak was intended to claim the bug bounty rewards from the partners for personal gain. Taking cognizance of the situation, HackerOne has fired the employee and committed to minimizing the probability of such instances.

Top Malware Reported in the Last 24 Hours


Worm burrows Windows networks
Microsoft has unveiled the Raspberry Robin worm that is being spread via infected USB devices and requires users to click on a malicious .LNK file. The worm utilizes a Windows command prompt to launch a msiexec process and run its malicious file embedded within the device. Additionally, it brings the ability to bypass Windows User Account Control (UAC) while using the utilities available on the OS.

Top Vulnerabilities Reported in the Last 24 Hours


Windows LSA bug patch notice
The CISA has added back a Windows LSA Spoofing vulnerability, tracked as CVE-2022-26925, to its Known Exploited Vulnerabilities Catalog and urged federal agencies to patch their devices by July 22. It was put on hold in May due to Active Directory (AD) certificate authentication issues caused by Microsoft's May update.

Critical bug fixed in Django
Django has addressed a potential SQL Injection flaw, tracked as CVE-2022-34265, affecting Django's main branch and versions 4.1 (currently in beta), 4.0, and 3.2. The open-source Python-based web framework is at the core of tens of thousands of websites. Users need to update their Django versions to 4.0.6 and 3.2.14.

Top Scams Reported in the Last 24 Hours


Social media accounts hijacked
Scammers took over the Twitter and YouTube accounts of The British Army to promote NFT and cryptocurrency scams. The YouTube account’s name was changed and they also posted YouTube videos with a photo of Elon Musk. The British Army's Twitter account was also altered to promote NFTs. The group behind the scam is yet to be determined.

Posted on: July 04, 2022

