Cyware Daily Threat Intelligence, May 12, 2021


IoT threats have become a massive cause for concern, especially when there’s no solution for defense available. The newly discovered FragAttacks fall in this category as almost every WiFi device is susceptible to the risk of attacks. Meanwhile, a new Android malware impersonating the Google Chrome app was found victimizing hundreds of thousands of users. 

Moving on, our next stop is at data breaches affecting government and law enforcement entities. A vendor for the Veterans Administration allegedly exposed a database containing medical records of 200,000 U.S. military veterans. In another vein, several police officers from Washington’s Metropolitan Police Department had their data leaked by Russian-speaking hackers.

Top Breaches Reported in the Last 24 Hours

Veterans' data exposed
A database filled with the medical records of nearly 200,000 U.S. military veterans was exposed online by United Valor Solutions, a vendor working for the Veterans Administration. The exposed data included patient names, birth dates, medical information, contact information, doctor information, appointment times, as well as unencrypted passwords and billing details.

Personal info of D.C. officers leaked
The ransomware gang that hacked into the Washington, D.C. police department leaked extensive personal information of 22 officers after a failed negotiation. The leaked information includes social security numbers, psychological assessment results, dates of birth, driver’s licenses, and polygraph test results, among others.

Top Malware Reported in the Last 24 Hours

Android smishing trojan
A new Android malware impersonating the Google Chrome app has propagated to hundreds of thousands of victims. The app is part of a hybrid cyberattack campaign that starts with typical smishing bait.

Affiliates of DarkSide RaaS tracked
FireEye researchers tracked down five distinct activity clusters associated with DarkSide, the Ransomware-as-a-Service (RaaS) operation responsible for the Colonial Pipeline incident. Three of the groups are tracked as UNC2465, UNC2628, and UNC2659.

Top Vulnerabilities Reported in the Last 24 Hours

Adobe patches critical flaw
Adobe patched a critical zero-day security vulnerability in its Acrobat Reader software that is being abused in the wild. Tracked as CVE-2021-28550, the bug affects eight versions of the software running on Windows and macOS systems.

FragAttacks on WiFi devices
Multiple design and implementation flaws, dubbed FragAttacks, in IEEE 802.11 technical standards leave all WiFi devices vulnerable to attacks. These flaws can be exploited by attackers within radio range of a target. 

Top Scams Reported in the Last 24 Hours

Phishing campaign targets Office 365
A phishing campaign was spotted leveraging an online email authentication solution from Zix to trick targets into feeling secure. The attack targeted Office 365 users and reached between 5,000 and 10,000 mailboxes.



Posted on: May 12, 2021
