
Cyware Daily Threat Intelligence, July 11, 2022


While existing ransomware threats continue to raise the stakes and claim more victims, a new ransomware group has made headlines. Known as 0mega, the group has infiltrated several networks around the globe. Meanwhile, the longer-established Lockbit cybercriminal group compromised the network of French telecom firm La Poste Mobile. Users have been warned to watch out for phishing and social engineering attacks.

Furthermore, a researcher has laid bare a security bug in Honda vehicles that lets hackers unlock a car door and start the car remotely. The flaw, identified as CVE-2021-46145, works by manipulating the code in software-defined radios.


Top Breaches Reported in the Last 24 Hours


Millions of readers exposed by a breach
Mangatoon, an app for reading comic Manga and novels, was found exposing 23 million user account details via an unsecured Elasticsearch database. Exposed data include names, email addresses, social media account information, authentication tokens from social logins, and salted MD5 password hashes. A hacker who goes by “pompompurin” reportedly broke through the weak credentials of the database storage.

Killnet attempts DDoS on Latvia
Latvia has suffered a 12-hour-long DDoS attack that bombarded its public broadcasting center. Attackers also targeted the official website of the Latvian president's office and a similar attack appears to have crippled the website of the Estonian president. It is assumed that pro-Kremlin hacker group Killnet is behind this series of attacks that have been hiding around in Latvian networks for over a month.

A French telephone operator targeted
La Poste Mobile, a virtual mobile telephone operator in France, experienced a ransomware attack that impacted administrative and management services. The Lockbit ransomware group has added La Poste Mobile as one of its victims to its leak site. The firm has urged customers to be vigilant as threat actors may have accessed their data.

Top Malware Reported in the Last 24 Hours


0mega ransomware rises as new global threat
BleepingComputer took the wraps off the new 0mega ransomware operation targeting organizations globally. Active since at least May 2022, the operators run a double-extortion model and have allegedly breached multiple organizations. They drop ransom notes customized for each victim, mostly containing the victim firm’s name and a short description of the type of stolen data.

BlackCat now demands $2.5 million
Security firm Resecurity discovered a significant rise in the ransom demanded by the notorious BlackCat ransomware gang, which now touches $2.5 million. According to a report, the average ransomware payment rose to a record high of $570,000 in the first half of 2021 and has now almost doubled in 2022.

Top Vulnerabilities Reported in the Last 24 Hours


Hijacking Honda cars remotely
Kevin2600, a security professional, found that all Honda car models manufactured between 2012 and 2022 are vulnerable to the Rolling-PWN attack. The researcher put the Remote Keyless Entry (RKE) system available in modern vehicles to the test and found the flaw. A hacker can abuse this to open the door of a car or even start its engine remotely.

Top Scams Reported in the Last 24 Hours


Callback campaign by cybercriminals
CrowdStrike exposed a callback phishing campaign wherein adversaries would pose as top cybersecurity companies and inform a client company about a breach incident with a callback request. The campaign’s infection routine begins with dropping legitimate remote administration tools (RATs) for initial access. Then, it downloads off-the-shelf penetration testing tools for lateral movement. At the final stage, it may unload ransomware or pursue data extortion on victims.


Posted on: July 11, 2022

