Cyware Daily Threat Intelligence, July 10, 2020

Lately, Microsoft Office 365 users have been facing a deluge of phishing attacks. After fake Zoom account suspension alerts and bogus OAuth app scams, malicious actors are now impersonating the Outlook team to target Office 365 users. Apart from this, attackers are sending malicious emails through legitimate SurveyMonkey domains to steal Microsoft Office credentials.

In other developments, hackers have been found actively scanning the internet for 11 recently discovered vulnerabilities in Citrix products. These flaws can be exploited to launch a variety of attacks.

Top Breaches Reported in the Last 24 Hours

SWVL hacked
The Egypt-based ride-hailing app, SWVL, was targeted by hackers in an attempt to steal the personal data of passengers. The impacted data included emails, names, and phone numbers of users. Since the attack, the firm has deployed additional security measures to prevent similar attacks in the future.

Chilton County attacked
Chilton County, Alabama, temporarily shut down its computer networks following a ransomware attack. The incident occurred on July 7, 2020, and affected the County’s computer records systems, including the tax office and probate court records.

Top Vulnerabilities Reported in the Last 24 Hours

Faulty SETracker app
A vulnerability found in the SETracker app used for certain smartwatches can be exploited by hackers to cause dementia patients to overdose on their medications. The manufacturer was alerted to the issue, which has now been fixed.

Zoom zero-day bug
Zoom has fixed a zero-day vulnerability in its Windows client, which could potentially lead to arbitrary remote code execution. The issue affects Windows 7 and older Windows systems.

Citrix vulnerabilities scanned
Hackers are closely scanning the internet for 11 recently discovered Citrix vulnerabilities. These flaws affect Citrix ADC, Gateway, and SD-WAN WANOP networking products and can be exploited for privilege escalation, DoS attacks, authorization bypass, code injection, and XSS attacks.

Vulnerable OpenClinic GA
A dozen vulnerabilities have been identified in OpenClinic GA. The flaws can be exploited to bypass access controls and account protections, obtain sensitive information, upload and execute arbitrary files, and execute arbitrary code or commands.

Vulnerable FTTH OLT devices
Security researchers have discovered seven vulnerabilities in the firmware of FTTH OLT devices manufactured by C-Data. These flaws can be leveraged to gain backdoor access to the devices.

KingComposer patches a flaw
KingComposer has patched a reflected cross-site scripting (XSS) flaw in its plugin. Tracked as CVE-2020-15299, the flaw has a severity score of 6.1 and is found in Ajax functions used by the plugin.

Top Scams Reported in the Last 24 Hours

Office 365 users targeted again
Bad actors are using a message disguised as an official notification from the Outlook team to trick Microsoft Office 365 users into handing over their personal information. The fake message asks recipients to upgrade their Outlook services within 24 hours by clicking on a spoofed Outlook login page. In another incident, attackers were found sending malicious emails through legitimate SurveyMonkey domains in a bid to bypass security filters and eventually steal Microsoft credentials.

ATO warns of new tax scam
The Australian Taxation Office (ATO) has raised an alarm about various scams related to tax filing. The scams begin with users being sent SMS messages and emails that appear to come from myGov. The purpose of these scams is to harvest users' personal details.

Posted on: July 10, 2020