Go to listing page

Cyware Daily Threat Intelligence July 27, 2021

Cyware Daily Threat Intelligence July 27, 2021

Share Blog Post

Zero-day vulnerabilities are exploding and so are opportunities for threat actors who are always on the lookout for such security flaws. Researchers have warned about three new zero-day vulnerabilities that affect Kaseya’s Unitrends service. Users are advised not to expose the service to the internet until the patches are released. Apple users heaved a sigh of relief as the firm released an emergency patch to address a zero-day flaw that could be abused to run malicious code on iOS, iPadOS, and macOS.

A sophisticated attack that exploited a deserialization flaw in the ASP.NET application of the Checkbox Survey tool has also been reported in the last 24 hours. The notorious Praying Mantis threat actor group has made a comeback with this attack that targeted the U.S. organizations.  

Top Breaches Reported in the Last 24 Hours

BRI Life data on sale
Indonesia’s BRI Life is investigating claims that the personal details of over two million of its customers have been compromised in a hack. Meanwhile, an unnamed user has shared a post on the RaidForums website regarding the sale of around 460,000 documents stolen from BRI Life clients. 

Kaseya denies paying ransom
Kaseya has denied paying ransom to threat actors following the success of the decryption key. The attack by the REvil ransomware gang had affected around 1,500 organizations. 

Top Vulnerabilities Reported in the Last 24 Hours

Checkbox Survey vulnerability exploited
A recently disclosed vulnerability in the Checkbox Survey tool has been wildly exploited in recent attacks linked to the Praying Mantis threat actor group. These attacks were launched against organizations in the U.S. Tracked as CVE-2021-27852, the flaw is related to deserialization code execution found in the ASP.NET application of the tool. It impacts version 6 of the application.

New Kaseya vulnerabilities
Researchers have warned against three new zero-day vulnerabilities in the Kaseya Unitrends service. The vulnerabilities are related to remote code execution and privilege escalation. Users are advised not to expose the service to the internet until the patches are released.  

SeriousSAM vulnerability
Windows 10 and 11 are affected by a SeriousSAM vulnerability that can allow attackers with low-level permissions to access Windows system files to perform a pass-the-hash attack. Tracked as CVE-2021-36934, the flaw exists in the default configuration of Windows 10 and 11. Microsoft has suggested workarounds to mitigate the vulnerability.

Apple issues zero-day patch
Apple has issued patches for a zero-day vulnerability in its iOS, iPadOS, and macOS. The flaw, tracked as CVE-2021-30807, affects the iGiant’s IOMobileFrameBuffer code that can be abused to run malicious code on the affected devices.

 Tags

kaseyas unitrends service
praying mantis threat actor group
bri life
checkbox survey tool
serioussam vulnerability

Posted on: July 27, 2021


More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.