Cyware Daily Threat Intelligence May 24, 2018

Top Vulnerabilities Reported in the Last 24 Hours
Red Hat's fix for Spectre Variant 4
Red Hat has released security mitigations for products affected by the recently disclosed Speculative Store Bypass (CVE-2018-3639) flaw. Derivatives like CentOS are also affected. By exploiting this flaw, unauthorized users can read privileged memory and expose critical data via cache side-channel attacks.

Schneider Electric patches XXE flaw
The XML External Entity (XXE) vulnerability present in the SoMachine Basic software has been fixed by Schneider Electric. By leveraging this flaw, attackers could have launched an out-of-band remote arbitrary data retrieval attack. Users are advised to upgrade their systems to install the patches.

Hackers abuse Jetpack
Hackers are implementing new techniques to install malicious backdoors on websites running the open-source WordPress CMS. By using login credentials exposed in data breaches, hackers are attempting to log into WordPress[.]com accounts. They then use the Jetpack feature to connect self-hosted WordPress sites to a WordPress.com account. They can now manage thousands of self-hosted WordPress sites via the Jetpack plugin installed on each site.

Top Breaches Reported in the Last 24 Hours
LifeBridge Health data breach
A data breach at Baltimore, Maryland-based LifeBridge Health and LifeBridge Potomac Professionals resulted in the exposure of private information belonging to roughly 500,000 patients. Exposed information includes names, addresses, birth dates, insurance information and Social Security numbers. The data breach took place on Sept. 27, 2016, and was first detected in March 2018.

SA-based database leaked
A database containing sensitive personal data of around 934,000 South Africans has been leaked online. Names, ID numbers, email addresses, and passwords of South African citizens stored in plaintext were exposed. Researchers believe that the directory containing a backup of the sensitive data was left publicly accessible.

Top Scams Reported in the Last 24 Hours
Cryptocurrency Giveaway scam
A new cryptocurrency giveaway scam has been discovered targeting Ethereum and Bitcoin. The scam uses fake social media profiles (mostly Twitter) and spam emails to trick victims into spending a small amount of cryptocurrency as an investment in return for huge profits. The scam uses profiles impersonating popular companies, brands and personalities.

'Update Your Password' Scam
Users are being warned to beware of the new 'Update Your Password' scam. As part of this scam, users are sent emails that read: “The password for recipientname@companyname.com has expired. Please click the button below to update your password.” Clicking on the link steals user credentials.


