Go to listing page

Cyware Daily Threat Intelligence, July 16, 2020

Cyware Daily Threat Intelligence, July 16, 2020

Share Blog Post

Social media platforms provide cybercriminals with an opportunity to manipulate and defraud users on a large scale in a short period of time. In the last 24 hours, Twitter was hit with one massive hacking attack wherein several high-profile accounts, such as those of Elon Musk, Bill Gates, and several other verified celebrities, were hijacked by the attackers. The hijacked accounts were used to promote a fake cryptocurrency giveaway scam.

Meanwhile, several major software vendors released dozens of security updates for their products. While Oracle came out with a set of 443 security patches for a variety of its enterprise products, Cisco issued 31 fixes for vulnerabilities in its small business routers and firewall.

Top Breaches Reported in the Last 24 Hours

Massive Twitter hack
A number of high-profile Twitter accounts were hacked by attackers who used the celebrity and organizational accounts, with millions of combined followers, to promote a fake cryptocurrency giveaway. The attackers are believed to have exploited a Twitter admin tool to execute the hack.

Bhinneka data dump
Cybercriminals dumped a stolen database from Indonesia’s largest online store, Bhinneka, on a hacker forum. The database contained over 1.2 million account records with users’ personal information such as full names, addresses, emails, gender, contact numbers, social media IDs, and salted passwords, among other details.

Property management company leak
An unsecured AWS S3 storage server belonging to the Wellington, New Zealand-based company, LPM Property Management, exposed more than 31,000 files. The exposed files mostly included images of users’ passports, driver’s licenses, evidence of age documents, and others.

Top Malware Reported in the Last 24 Hours

Bazar backdoor link with TrickBot
Researchers found links between the Bazar backdoor and the infamous TrickBot banking trojan. Both malware were found using the same WinAPIs, custom RC4 implementation, and heavy obfuscation, and also shared similar attack tactics.

Top Vulnerabilities Reported in the Last 24 Hours

Oracle security patches
This week, Oracle released its quarterly Critical Patch Update (CPU), which includes a total of 443 new security patches. Out of these, more than half the addressed vulnerabilities are remotely exploitable without authentication. The two most severe of these security flaws are in Oracle’s SD-WAN Aware and SD-WAN Edge solutions, tracked as CVE-2020-14701 and CVE-2020-14606, respectively. Both the flaws were rated with a CVSS score of 10.

Cisco router flaws
Cisco released a set of 31 security patches this week for its Small Business RV series routers, firewall, and Prime License Manager. The patches addressed different vulnerabilities including remote code execution, authentication bypass, arbitrary code execution, and privilege escalation, and static default credentials.

Vulnerabilities in LibreHealth EHR
Security researchers from Bishop Fox discovered five high-risk vulnerabilities in the open source electronic health record (EHR) system from LibreHealth. The vulnerabilities present in LibreHealth EHR v2.0.0 could allow unauthenticated attackers to compromise its underlying server and gain access to sensitive patient health information and health records.

Top Scams Reported in the Last 24 Hours

HMRC tax relief scam
A new email phishing scam that aims to harvest Her Majesty's Revenue and Customs (HMRC) credentials and sensitive personal information was recently discovered. The scam targets U.K. workers with the pretense of offering between £2500 and £7500 in tax grants for unemployment assistance during the COVID-19 pandemic.


librehealth ehr
twitter account hacks
lpm property management
tax relief scam
bazar backdoor

Posted on: July 16, 2020

More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.