Cyware Daily Threat Intelligence July 20, 2018

Update available for Openstack
A security update has been made available for Red Hat OpenStack Platform 13.0 (Queens) for RHEL 7. The update addresses an issue tracked as CVE-2018-10898. Fixed flaws include docker logs opendaylight_api command that doesn't show the OpenDaylight controller's log. Users are urged to update their system asap.

Use-after-free Vulnerabilities
Security researchers have discovered a pair of vulnerabilities in Foxit PDF Reader. Cyber criminals are capable of using specially crafted PDF files to trigger the use-after-free vulnerabilities potentially leading to a use-after-free condition. Attackers can use various techniques to trick users into opening the malicious file. The two vulnerabilities are marked as CVE-2018-3924 and CVE-2018-3939. Data breach at ComplyRight
A human resources service provider for small businesses, ComplyRight has become a victim of a data breach. The company discovered unauthorized access of its website between April 20 and May 22. The company reported that the data breach only impacted less than 10% of the individuals. No evidence of fraud has been detected yet.

MoneyTaker group steals Russian bank
The Russia-based PIR Bank lost around $1 million after the MoneyTaker hacker group hacked them to steal money. The funds were stolen from Bank of Russia’s Automated Workstation Client. MoneyTaker transferred the stolen amount to 17 accounts at major Russian bank as and cashed out.

In-app currency for money laundering
An exposed MongoDB instance has been exploited to steal credit card numbers and payment details. Attackers combined credit card details with a dump of Facebook and stolen email account data. Some of the information was also stolen from freemium games that offer in-app purchases through virtual currency.