Cyware Daily Threat Intelligence, June 03, 2020


Another day, another round of new security patches. Google and SAP have released several security updates as part of the June 2020 security patches. While Google has addressed a total of 43 flaws affecting its Android system, SAP has fixed more than six vulnerabilities affecting its Sybase database, ABAP application server, and Business Client software.

In other developments, the threat actors behind the TrickBot trojan have once again upgraded their techniques by adding a new malware called ‘BazarBackdoor’. The backdoor is delivered via phishing emails that use employee termination notices, customer complaints, and other themes to lure victims.

Top Breaches Reported in the Last 24 Hours

Coincheck announces a breach
Japanese cryptocurrency exchange Coincheck has disclosed a security breach that occurred earlier this week. The hackers managed to access some emails sent to the firm by its customers. As a result, the hackers could obtain personal information of some users such as their names, dates of birth, phone numbers, and registered addresses.

DMI breached
The DopplePaymer ransomware gang has claimed to have breached a NASA IT contractor, Digital Management Inc. To support their claims, the attackers have shared 20 archive files stolen from the firm on a dark web portal. These archives include HR documents and project plans.

Top Malware Reported in the Last 24 Hours

New BazarBackdoor malware
The operators of the TrickBot trojan have been found using a new backdoor called ‘BazarBackdoor’ to gain full access to targeted networks. The attack campaign makes use of phishing emails that leverage employee termination notices, customer complaints, and other themes to propagate the backdoor.

Cryptocurrency hacks
Hackers have been found using a bot to scan publicly available GitHub repositories. The ultimate goal of the hackers is to steal cryptocurrencies from an individual’s wallet account. The incident came to light after a Redditor left his MetaMask wallet’s mnemonic exposed in a public GitHub repository.


Top Vulnerabilities Reported in the Last 24 Hours

Google rolls out updates
Google has addressed a total of 43 vulnerabilities in Android systems as part of the June 2020 security patches. The most critical of these are two remote code execution vulnerabilities, tracked as CVE-2020-0117 and CVE-2020-8597. Both flaws affect Android versions 8.0 through 10.

SAP patches flaws
SAP has issued several security updates for vulnerabilities affecting its different products. These include fixes for six flaws affecting SAP’s Sybase database software. Other critical security patches are for the ABAP application server, Business Client, BusinessObjects, Master Data Governance, Plant Connectivity, NetWeaver, and SAP Identity Management software.

Cold boot attack
Last month, LG released a security update for a vulnerability that impacted its Android smartphones sold over the past seven years. The flaw, identified as CVE-2020-12753, existed in the bootloader component of the smartphone. It impacted phones starting with the LG Nexus 5 series.


Posted on: June 04, 2020
