Cyware Daily Threat Intelligence, June 15, 2020


Experts have raised an alarm about a new side-channel attack. Dubbed Lamphone, the technique relies on the fluctuations in air pressure on the surface of a hanging bulb. It can be used to pilfer private conversations between users.

Meanwhile, Intel has announced a new security capability to protect devices that will use the company’s upcoming Tiger Lake mobile processors. Called Control-Flow Enforcement Technology, the feature is intended to defend against malware that relies on Return Oriented Programming, Jump Oriented Programming, or Call Oriented Programming.

Moreover, cyber crooks were found using SEO spamming to fool website owners into believing that their websites’ databases were compromised. The actors demanded ransoms from the owners to prevent the leak of data, which actually did not exist.

Top Breaches Reported in the Last 24 Hours

Claire’s breached
The U.S.-based jewelry and accessory giant Claire’s and its subsidiary Icing were compromised in April in a Magecart attack. This enabled the attackers to steal customers’ credit card details. The skimmer was served from a domain that looked similar to the company’s legitimate domain.

Intersport also attacked
Intersport’s web store suffered a Magecart-like attack after crooks planted skimmer code on the checkout page to steal credit card details. The incident occurred on April 30 and May 14, 2020.

Top Malware Reported in the Last 24 Hours

Black Kingdom ransomware
The operators of Black Kingdom ransomware are targeting enterprises with unpatched Pulse Secure VPN software. The vulnerability in question is CVE-2019-11510. According to researchers, the ransomware establishes persistence by impersonating a legitimate scheduled task for Google Chrome. It appends the .DEMON extension to encrypted files and later drops a ransom note demanding that $10,000 be deposited to a bitcoin wallet.

Top Vulnerabilities Reported in the Last 24 Hours

Intel adds a new security capability
Intel has announced a new CPU-level security capability that offers protection against malware using control-flow hijacking attack methods. Called Control-Flow Enforcement Technology (Intel CET), the feature will guard devices that use the upcoming Tiger Lake mobile processors. It includes two new capabilities: Shadow Stack and Indirect Branch Tracking (IBT).

Lamphone attack
A group of researchers has devised a new side-channel attack technique, called Lamphone, for eavesdropping on conversations. It relies on the fluctuations in air pressure on the surface of a hanging bulb. The researchers have successfully tested the technique by targeting an office room located on the third floor of an office building.
 
GTP vulnerabilities
Vulnerabilities in the GPRS Tunneling Protocol (GTP) can expose 4G and 5G cellular networks to a variety of attacks. This includes denial of service attacks, impersonation attacks, and identity fraud. The flaws impact both mobile operators and their clients.

Top Scams Reported in the Last 24 Hours

Cybersquatting
Cybercriminals have reportedly created a legitimate-looking copy of privnote.com to trick users by manipulating their text content. This enabled the crooks to steal bitcoin by changing wallet addresses contained in requests sent via the platform.

Spamdexing
Scammers are using blackhat SEO techniques to threaten website owners into paying ransoms between $1,500 and $3,000 in bitcoins. The fraudsters falsely claim that they have exfiltrated the owners’ databases and will leak them on the internet unless a ransom is paid.


Posted on: June 15, 2020
