Cyware Daily Threat Intelligence, June 30, 2020


The increasing reliance on online portals to deliver governmental services has garnered a ton of attention from cybercriminals. In a recent case, the Click2Gov-powered payment portals run by eight U.S. cities were hit with Magecart card skimming attacks. The attackers aimed to steal both the personal and financial information of the users.

In other news, the Maine Information and Analysis Center (MIAC), a fusion center for law enforcement agencies, was affected by a data breach at a third-party service provider. Moreover, the US Cyber Command warned organizations about a critical security bug in Palo Alto Networks’ PAN-OS, which can be exploited in remote attacks by foreign state-backed adversaries.

Top Breaches Reported in the Last 24 Hours

Magecart attacks on Click2Gov portals
Trend Micro researchers found that since April 10, eight cities in three U.S. states using the Click2Gov web-based payment platform have suffered Magecart card-skimming attacks. According to the researchers, the attacks still appear to be active. The attackers aimed to extract users’ card numbers, expiration dates, and CVVs, as well as personal information such as names and contact addresses.

French public broadcaster under attack
The France Télévisions group, the French public national television broadcaster, disclosed that it was targeted in a cyberattack aimed at one of its broadcasting sites. According to the group, the attack did not impact its broadcasting operations.

Fusion center breach
On June 20, Maine state police were notified of a data breach incident that may have included information from the Maine Information and Analysis Center (MIAC). The breach occurred at Netsential, a third-party service provider that provides web hosting services to hundreds of law enforcement and government agencies across the country, since 2017.

Top Malware Reported in the Last 24 Hours

25 Android malware apps
The French cybersecurity firm, Evina, discovered 25 malicious apps on the Google Play Store that were designed to steal users’ Facebook credentials. Before Google removed the apps from its store, the apps had garnered a combined total of over 2.34 million downloads.

Top Vulnerabilities Reported in the Last 24 Hours

Critical security flaw in PAN-OS
The US Cyber Command warned organizations about a critical security bug in PAN-OS, the operating system used in firewalls and enterprise VPN appliances made by Palo Alto Networks. The authentication bypass vulnerability, tracked as CVE-2020-2021, scored a perfect 10 on the CVSSv3 severity scale. The agency warned that the flaw can be remotely exploited by foreign state-backed actors to gain a foothold on vulnerable devices.

Top Scams Reported in the Last 24 Hours

Calendar-based phishing campaign
Researchers at Cofense discovered a new phishing campaign that uses calendar invites in the iCalendar (.ics) file format to lure users to a fake Wells Fargo login page. Moreover, the attackers sent the phishing emails from a compromised school district account to bypass email filters relying on the DKIM and SPF technologies.

COVID-19 lures for Office 365 users
Check Point researchers uncovered a credential phishing campaign targeting Office 365 users. It tricks users into registering for “COVID-19 Training for Employees” by redirecting them to a fake login page designed to steal their credentials.


Posted on: June 30, 2020
