Go to listing page

Cyware Daily Threat Intelligence, May 19, 2022

Cyware Daily Threat Intelligence, May 19, 2022

Share Blog Post

Following advisories and patching your systems is the best way to fend off cyber threats. Do it now because VMware and CISA officials have urged users to patch critical flaws affecting VMware Workspace ONE Access, vRealize Automation, and Identity Manager. Meanwhile, WordPress is suffering again from several critical vulnerabilities in premium WordPress themes that allow for site takeover. 

Besides, ransomware actors have targeted the Bank of Zambia and the victim has denied bowing down to their ransom demand.


Top Breaches Reported in the Last 24 Hours


HIVE hacks Zambian bank
The Bank of Zambia experienced a ransomware attack by the HIVE group that disrupted some of its operations. Officials have urged businesses in the financial sector to stay alert as the incident might impact them. Also, the bank has reportedly refused to pay the ransom.


Top Malware Reported in the Last 24 Hours 


DEADBOLT cripples QNAP Systems
QNAP Inc. detected a new attack by the DEADBOLT Ransomware. All NAS users are advised to update QTS 4.3.6 and QTS 4.4.1 to the latest version as soon as possible and restrict exposure of their NAS to the internet. The affected models were mainly TS-x51 series and TS-x53 series.


Top Vulnerabilities Reported in the Last 24 Hours 


Critical flaws in Jupiter plugin
WordPress researchers unearthed a set of flaws—CVE-2022-1654, CVE-2022-1656, CVE-2022-1657, CVE-2022-1658, and CVE-2022-1659—in the Jupiter Theme and JupiterX Core plugins for the WordPress CMS. The first is a high-severity flaw that allows a third party to gain administrative privileges and completely take over a live site.

Patch alert against VMware Bugs
VMware alerted organizations about two critical bugs, tracked as CVE-2022-22954 (an RCE flaw) and CVE-2022-22960 (a privilege escalation flaw), that are under active exploitation, allegedly, by APT actors. They affect VMware Workspace ONE Access, vRealize Automation, and Identity Manager. The CISA has also urged federal agencies to patch the flaws.


Top Scams Reported in the Last 24 Hours


Chatbot fakes DHL delivery 
Trustwave SpiderLabs laid bare a new phishing scam whose chain starts with the introduction of a chatbot that promises to address an issue with the failed DHL delivery. In reality, cybercriminals steal personal data from victims, including account login credentials, credit card details, and other PII.

 Tags

jupiter theme plugin
wordpress sites
qnap nas devices
deadbolt
dhl delivery
vmware
bank of zambia
hive ransomware
jupiterx core plugin

Posted on: May 19, 2022


More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.