Go to listing page

Cyware Daily Threat Intelligence, May 03, 2021

Cyware Daily Threat Intelligence, May 03, 2021

Share Blog Post

The coronavirus pandemic has only heightened criminals’ interest in online payment systems as people took to online purchases. A piece of extensive research has revealed that hundreds of thousands of payment card details were compromised in the last six months by hacking five online ordering platforms. One of the attacks involved the use of the Magecart attack technique.

In other new threats discovered, internet-connected cars are at risk of a new attack named TBONE. Researchers demonstrated that the attack can be initiated by exploiting two vulnerabilities in ConnMan, enabling attackers to take control of cars remotely without any user interaction.

An instance of software supply chain vulnerability in PHP package manager has also been spotted by researchers. This can put millions of websites at risk.

Top Breaches Reported in the Last 24 Hours

Filipino solicitor-general office breached
Around 345,000 files from the solicitor-general of the Philippines were made publicly available for almost two months before they were taken down. These files included sensitive information for ongoing legal cases, internal passwords and policies, staffing payment information, and staff training documents.

Swiss Cloud suffers an attack
Cloud hosting provider Swiss Cloud suffered a ransomware attack on April 27. While the entire server infrastructure was not impacted, the incident affected server availability for more than 6,500 customers including high-profile customers. The company is working on restoring the affected services.

First Horizon Corporation breached
First Horizon Corporation revealed that some of its customers had their online banking accounts breached by unknown attackers earlier this month. The attack was launched using previously stolen credentials and exploiting a vulnerability in third-party software.

H&M Israel hacked
An Iranian hacker group identified as N3tw0rm has threatened to release 110GB of data belonging to H&M Israel unless its demands are met. The group is affiliated with the Iran-linked Pay2Key, which has in the past claimed to breach the Israel Aerospace Industries and Israeli cybersecurity company Portnox.

Top Vulnerabilities Reported in the Last 24 Hours

TBONE attack on Tesla
Researchers have demonstrated a new attack technique, dubbed TBONE, that can enable attackers to hack Tesla and other cars remotely without any user interaction. The attack leverages the exploitation of two vulnerabilities affecting ConnMan, an internet connection manager for embedded devices.

PHP manager flaw
A software supply chain vulnerability found in the PHP package manager can put millions of websites at risk. The flaw affects Composer, the main tool used to manage and install dependencies for PHP. The flaw has now been fixed and researchers stated that the risks posed to sites using PHP is limited.

 Tags

hm israel
swiss cloud
connman
tbone
payment card details

Posted on: May 03, 2021


More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.