Cyware Daily Threat Intelligence, June 02, 2020

Share Blog post

With threat actors constantly looking out for opportunities to exploit vulnerable software, organizations should always be on alert to apply critical security patches. In the past 24 hours, Cisco has issued a security patch for a critical security flaw affecting its NX-OS software. The flaw can be exploited to launch Denial-of-Service (DoS) attacks on Nexus switches. Furthermore, Apple has released iOS 13.5.1 to fix a recently discovered Unc0ver jailbreak - that could allow hackers to gain root access and take control of devices.

Even Sodinokibi ransomware operators created havoc in the last 24 hours. They have released the files stolen from the U.K power grid company, Elexon, after a failed ransom demand.

Top Breaches Reported in the Last 24 Hours

Data leaked on the dark web
A group of hackers stole corporate data from Kent Commercial Services (KCS) and demanded a ransom of $1 million in Bitcoin. The stolen data was later leaked on the dark web when the firm denied paying the ransom. KCS stated that no personal data related to taxpayers was compromised in the attack.

Ransomware operators terror
The operators behind Sodinokibi ransomware have leaked the files stolen from the U.K power grid company, Elexon. The firm was attacked in May, following which many system operations were disrupted.
 
Top Vulnerabilities Reported in the Last 24 Hours

Cisco issues security update
A critical security flaw in Cisco’s NX-OS software can trigger a DoS attack on various Nexus switches. The flaw, tracked as CVE-2020-10136, exists in the IP-in-IP tunneling protocol.  It has a score of 8.6 on the CVSS scale and can allow a remote attacker to bypass network access controls and route malicious internet traffic to internal networks. Cisco has released a software update to address the flaw.

VMware patches a flaw
VMware has patched a vulnerability in its Cloud Directory that could be exploited to perform code execution attacks and take over private clouds. The flaw, identified as CVE-2020-3956, has a severity score of 8.8. It can be exploited through the HTML5- and Flex-based UIs, the API Explorer interface, and API access. Apart from this, VMware has also fixed a DoS vulnerability found in its Workstation 15. The vulnerability exists in VMware guest mode and can cause the software to crash.

Kubernetes bug
Kubernetes clusters configured to use certain Container Networking Implementations (CNIs) are susceptible to Man-in-the-Middle (MitM) attacks. The vulnerability has a ‘medium’ CVSS score of 6.0 and has been fixed with security updates.

Apple release iOS 13.5.1
Apple has released iOS 13.5.1 for iPhone, iPad, and iPod touch devices with several security fixes, including the recently discovered Unc0ver jailbreak. The exploit works on all Apple devices running iOS versions prior to 13.5.1. It can grant user root access and full control over devices to hackers.

Top Scams Reported in the Last 24 Hours

Contact-tracing scam
Experts have warned U.K citizens about phishing scams that leverage the NHS test and trace service. These scams are conducted either via phone calls or text messages. It works by informing the victims that they have come in contact with someone who is infected with COVID-19. The elderly population is particularly susceptible to such scams. The main goal of scammers is to get access to personal information.

 Tags

cisco nx os software
elexon
sodinokibi ransomware
kubernetes clusters
unc0ver jailbreak
kent commercial services kcs

Posted on: June 02, 2020

Get the Daily Threat Briefing delivered to your email!


More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.


Join Thousands of Other Cyware Followers!