Go to listing page

Cyware Daily Threat Intelligence July 12, 2021

Cyware Daily Threat Intelligence July 12, 2021

Share Blog Post

Major security update alert! Kaseya has rolled out patches for VSA vulnerabilities including the zero-day vulnerability that was successfully exploited in the recent REvil ransomware attack. Organizations should duly patch the flaws to prevent further espionage attacks.

Meanwhile, threats in the form of new malware and new attack techniques continue to wreak havoc on organizations and users. An undocumented Python-based backdoor called BIOPASS RAT is being used in a watering hole attack that targets online gaming companies in China. Magecart Group 7 has evolved its attack technique to harvest more payment card details by encoding the malware within command blocks.

Top Breaches Reported in the Last 24 Hours

Mint Mobile discloses a breach
Mint Mobile has disclosed a data breach that exposed subscribers’ account information and ported phone numbers to another carrier. The incident occurred between June 8 and June 10. As a result, the hacker gained unauthorized access to the call history, names, addresses, email addresses, and passwords of a small number of subscribers.

Magecart’s new evasion technique
Magecart hackers have now come up with a new technique to evade detection while harvesting payment card details. They have encoded the malware code within comment blocks and are hiding stolen credit card data in images and other files hosted on the server. The attack is attributed to Magecart group 7 based on tactics, techniques, and procedures.

LinkedIn data on sale
Attackers are selling information from 600 million LinkedIn profiles on a hacker forum. The samples include full names, email addresses, social media accounts, and other user data points.

Bank of Oak Ridge affected
Bank of Oak Ridge, has revealed that an attacker may have viewed banking customer data after hacking into a system. The breach took place between April 26 and 27.

Another data breach reported
Clients of Spreadshirt, Spreadshop, and TeamShirts have been warned of a security breach that resulted in the leak of their details. An attacker gained unauthorized access to the details by hacking into the company’s servers.

Top Malware Reported in the Last 24 Hours

BIOPASS RAT
An undocumented Python-based backdoor called BIOPASS RAT is taking advantage of Open Broadcaster Software (OBS) Studio’s live-streaming app to pilfer the screen of its victims. The malware is being used to target online gambling companies in China via a watering hole attack. The BIOPASS is said to be under active development.

Top Vulnerabilities Reported in the Last 24 Hours

Kaseya releases patches
Kaseya has rolled out urgent updates to address critical vulnerabilities in its VSA servers. These include a patch for the zero-day vulnerability that was exploited in a massive ransomware attack. The vulnerabilities are tracked as CVE-2021-30116, CVE-2021-30117, CVE-2021-30118, CVE-2021-30119, CVE-2021-30120, CVE-2021-30201, and CVE-2021-30121. The firm has shipped VSA version 9.5.7a.

Mitsubishi Electric patches vulnerabilities
Mitsubishi Electric has patched multiple vulnerabilities affecting many of its AC products. One of these includes a critical vulnerability that exposes the affected control systems to unauthenticated XML external entity injection (XXE) attacks. The issue is tracked as CVE-2021-20595 and has a CVSS score of 9.3.


 Tags

bank of oak ridge
kaseya
linkedin user
mitsubishi electric
biopass rat

Posted on: July 12, 2021


More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.