Go to listing page

Cyware Daily Threat Intelligence, June 09, 2021

Cyware Daily Threat Intelligence, June 09, 2021

Share Blog Post

Meet PuzzleMaker, a new threat actor in the making. Researchers have cited that the gang is actively engaged in highly targeted attacks that exploit a chain of vulnerabilities in Google Chrome and Microsoft Windows. The coordinated attacks were first spotted in mid-April.

While threat actors continue to aim for unpatched vulnerabilities, software manufacturers and vendors are always on their toes to apply security updates. Adding to the June 2021 Patch Tuesday list, Intel and Microsoft have issued security patches for 73 and 50 vulnerabilities respectively found in their products. Adobe has also rolled out security updates for multiple flaws affecting its Acrobat, Reader, Photoshop and Creative Cloud desktop application.

Top Breaches Reported in the Last 24 Hours

Spanish Ministry hit
The Spanish Ministry of Labor and Social Economy (MITES) is working on restoring services after being hit by a cyberattack. While the ministry’s website is still up after the attack, both the communications office and the multimedia room are down.

ADATA hit
Memory and storage manufacturer ADATA was forced to take its system offline after being hit by Ragnar Locker ransomware. The attack occurred on May 23, following which the firm took preventive measures to contain the infection.

New malicious campaign
A new malicious campaign that targets Kubeflow, is being used to deploy cryptocurrency mining workloads. In this new attack campaign, attackers appear to have gained access to a large number of Kubeflow dashboards from where they deployed new work pipelines. These pipelines ran a modified version of Google’s TensorFlow open-source library to mine cryptocurrency.

Top Malware Reported in the Last 24 Hours

New BlackCocaine ransomware
The newly discovered BlackCocaine ransomware has been held responsible for the attacks on Nucleus Software. Written in Go language, the ransomware uses AES and RSA algorithms to encrypt files. After the successful encryption process, the ransomware drops a ransom note on how to recover the encrypted files.

Top Vulnerabilities Reported in the Last 24 Hours

Intel fixes 73 flaws
Intel has addressed 73 security vulnerabilities as part of the June 2021 Patch Tuesday. This includes patches for fve high severity vulnerabilities affecting the Intel Virtualization Technology for Directed I/O products, the BIOS firmware for some Intel processors, and the Intel Security Library.

Microsoft issues patches
Microsoft has addressed six windows zero-days among 50 vulnerabilities found in its products. The six zero-day vulnerabilities are tracked as CVE-2021-33742, CVE-2021-31955, CVE-2021-31956, CVE-2021-31962, CVE-2021-31199, and CVE-2021-31201.

Siemens and Schneider Electric address flaws
Both Siemens and Schneider Electric have issued security advisories for several vulnerabilities affecting their products. While Siemens has released advisories for flaws affecting its Simcenter Femap, SIMATIC TIM, Solid Edge, SIMATIC NET, Mendix, JT2Go, Teamcenter Visualization, and SIMATIC RF products, Schneider Electric has addressed flaws found in SCADA and PowerLogic products.

Adobe rolls out patches
Adobe has patched multiple vulnerabilities found in Acrobat, Reader, Photoshop and Creative Cloud Desktop Application. The most serious of these vulnerabilities could allow attackers to take complete control of Windows or macOS machines.

Faulty Joomla fixed
Two vulnerabilities found in Joomla have been fixed with the release of a new version of the CMS. The flaws are related to a XSS vulnerability and a password reset vulnerability.
 
Top Scams Reported in the Last 24 Hours

Phishing around FINRA
An ongoing phishing campaign that involves fraudulent emails purporting to be from FINRA is targeting users in an attempt to steal personal details. The victims are threatened with penalties if they fail to submit the requested information on time, a strategy to put pressure on them. FINRA has recommended users not to click on any link or image from unsolicited emails to stay safe from these attacks.

 Tags

adata
adobe
puzzlemaker
ragnar locker ransomware group
blackcocaine ransomware

Posted on: June 09, 2021


More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.