Cyware Daily Threat Intelligence, May 06, 2020

Source code leaks have become a major security concern for the gaming sector. After the leak of source code for two popular games in the Counter-Strike series, Nintendo has fallen victim to a massive data leak affecting its Wii, N64, and GameCube consoles. In addition to source code, the leaked data included demos, videos, and other content for these consoles. The information first appeared on Dexerto and later on 4Chan.

A new ransomware-as-a-service, named LockBit, has also been discovered in the past 24 hours. It uses brute-force techniques and several evasion techniques to perform targeted attacks. LockBit is a new addition to the list of ransomware following the ‘Naming and Shaming’ tactic.

Top Breaches Reported in the Last 24 Hours

44 million mobile users’ data leaked
The details of 44 million Pakistani mobile subscribers, a majority of them belonging to Jazz, have leaked online. The leaked data contained both personally identifiable and telephone-related information, including the details of both Pakistani home users and local companies alike.

Toll Group hit
The Australian shipping giant, Toll Group, suffered a ransomware attack for the second time in three months. The attack was conducted by the operators of the Nefilim ransomware. The first attack had occurred on February 5, 2020, and was carried out by a new ransomware variant called Mailto.

Naughty Dog game’s data leak
A security flaw in patches from game developer Naughty Dog let hackers access unreleased content from the upcoming ‘The Last of Us Part II’ game that was stored in an Amazon S3 bucket. The issue, which is believed to have been discovered in January, had let the attackers steal at least 1TB of data by April.

Source code of online games leaked
Nintendo faced a serious data leak after its source code, demos, videos, and other content for Wii, N64, and GameCube became available online. The code was leaked on 4Chan along with data containing several internal demos, an official GameBoy emulator, and SDKs.

Subdomains of PWC hijacked
An unused subdomain on pwc[.]com has been hijacked to host ads for adult apps and websites. The affected subdomain, amyca-devapi.pwc.com, was taken offline after the hijack came to notice.

Top Malware Reported in the Last 24 Hours

LockBit ransomware
LockBit is a new ransomware that leverages brute-force techniques and evasion tactics to perform targeted attacks. Similar to other ransomware such as Maze and Sodinokibi, LockBit holds on to the victim’s data unless a ransom demand is met.
 
WordPress sites hacked
A group of hackers attempted to hijack nearly one million WordPress sites last week by exploiting cross-site scripting (XSS) vulnerabilities. The attackers intended to plant malicious JavaScript code on websites by abusing the flaws in plugins like Easy2Map, Blog Designer, WP GDPR Compliance, and Total Donations.

Top Vulnerabilities Reported in the Last 24 Hours

Instacart patches spoof SMS flaw
Grocery delivery service Instacart has fixed a flaw in its website that could let attackers spoof SMS messages. The issue could be exploited to redirect online shoppers to malicious websites or download malware.

Flawed Citrix ShareFile
Citrix has rolled out a critical software update to patch multiple vulnerabilities affecting the Citrix ShareFile content collaboration platform. The identified security issues, which are collectively tracked as CTX-CVE-7473, specifically affect customer-managed on-premises Citrix ShareFile storage zones controllers and can allow unauthenticated attackers to compromise the storage zones controller and access sensitive ShareFile documents and folders.

Mozilla released Firefox 76
Mozilla has released the stable version of Firefox 76 for Windows, macOS, and Linux with multiple bug fixes. The security issues fixed include a use-after-free vulnerability, a buffer overflow vulnerability, a URL spoofing flaw, and a memory corruption bug.

SAP fixes security flaws
SAP alerted some of its customers regarding security issues found in seven of its cloud products. The impacted products include SAP SuccessFactors, SAP Concur, SAP/CallidusCloud Commissions, SAP/CallidusCloud CPQ, SAP C4C/Sales Cloud, SAP Cloud Platform, and SAP Analytics Cloud. SAP plans to patch the affected cloud products in the second quarter of 2020.

Google patches 39 vulnerabilities
This week, Google addressed 39 vulnerabilities in the Android operating system as part of the May 2020 security updates. The most severe of these issues is a critical security vulnerability in the System component that could enable a remote attacker, using a specially crafted transmission, to execute arbitrary code within the context of a privileged process.

Accusoft ImageGear patches flaws
Accusoft ImageGear has patched four code execution vulnerabilities tracked as CVE-2020-6075, CVE-2020-6076, CVE-2020-6082, and CVE-2020-6094. These flaws could allow an attacker to execute code on victims’ machines.

Posted on: May 06, 2020
