Cyware Daily Threat Intelligence, July 15, 2020


The monthly security updates for July are here and Microsoft, as usual, grabbed the limelight by releasing patches for 123 vulnerabilities. One of the 18 critical vulnerabilities fixed in this cycle affects the Windows DNS Server. It is called SIGRed and is a 17-year-old bug.

Adobe has also fixed a total of 13 security issues affecting its Creative Cloud Desktop, Media Encoder, Download Manager, Genius Service, and ColdFusion. Four of these flaws are rated ‘Critical’ and can allow attackers to execute arbitrary code.

Talking about malware, a new backdoor dubbed GoldenHelper has been found to be distributed via Golden Tax Invoicing software. The malware uses several techniques to gain persistence over target systems.

Top Breaches Reported in the Last 24 Hours

Wattpad data breaches
A database allegedly stolen from Wattpad was offered for sale for over $100,000. Now, it is being offered for free on hacker forums. The database contains 270 million records that include names, hashed passwords, email addresses, and general geographic location.

Top Malware Reported in the Last 24 Hours

New GoldenHelper malware
A new backdoor, dubbed GoldenHelper, has been found to be distributed via Golden Tax Invoicing software. The malware is completely different from the GoldenSpy backdoor but uses a very similar delivery method to gain access to the networks of international companies doing business in China. Some of the interesting techniques used by the malware include randomization of its name whilst in transit, randomization of file system location, timestomping, IP-based DGA (Domain Generation Algorithm), UAC bypass, and privilege escalation.

Top Vulnerabilities Reported in the Last 24 Hours

Microsoft patches 123 flaws
Microsoft has fixed 123 vulnerabilities as part of this month’s security updates. 18 of these have been rated critical and can lead to remote code execution. These critical flaws affect Windows, the .NET framework, Internet Explorer, SharePoint, Visual Studio, Office, and Hyper-V. One of these critical flaws affects Windows DNS Server and is identified as SIGRed.

Adobe fixes critical bugs
Adobe has addressed 13 flaws affecting its Creative Cloud Desktop, Media Encoder, Download Manager, Genius Service, and ColdFusion. Four of these flaws are rated ‘Critical’ and can allow attackers to execute arbitrary code. The remaining security issues can lead to privilege escalation, DLL search-order hijacking, insecure library loading, and insecure file permissions.

SAP releases 10 security notes
SAP has released eight security notes, including updates to two previous Patch Day security notes, in its July 2020 Patch Day. Two of these flaws affect NetWeaver AS Java. They are identified as CVE-2020-6287 (referred to as RECON) and CVE-2020-6286.

Vulnerable AMD and Intel drivers
Multiple vulnerabilities in Intel’s Graphics Accelerator Driver and AMD Radeon driver have been found by researchers. It is likely that attackers can exploit these flaws to target users remotely. While AMD has released its own set of patches, Intel is yet to address these vulnerabilities.

Gigabit routers affected
Gigabit Wi-Fi routers are affected by five vulnerabilities. One of these flaws is related to the default password which is left open to the internet. Among the other flaws found in the router are a cross-site scripting flaw and a cross-site request forgery issue.


Posted on: July 15, 2020
