
Cyware Daily Threat Intelligence, May 25, 2021


Watch out! A new form of impersonation attack can put your Bluetooth devices at risk of MitM attacks. Present in devices supporting the Bluetooth Core and Mesh Profile Specifications, these flaws can allow attackers to impersonate a legitimate device and eavesdrop on victims’ devices. Users must ensure that they have installed the latest updates from device manufacturers and operating system vendors to mitigate the attack.

A disk wiper with ransomware capabilities? That’s what security experts have discovered about the new Apostle malware. Operated by the Iranian hacking group Agrius, the deadly malware is being used to launch sophisticated cyberespionage attacks.

The exploitation of zero-day vulnerabilities in the wild is something no organization can afford. Apple has just taken a step toward addressing it by releasing patches for three 0-day vulnerabilities affecting its devices.

Top Breaches Reported in the Last 24 Hours

Bose Corporation hit
Bose Corporation disclosed a data breach that occurred due to a ransomware attack in March. As a result, the personal information of some of its current and former employees was accessed by the attackers. The impacted information included social security numbers, compensation information, and other HR-related information of employees.

Top Malware Reported in the Last 24 Hours

Apostle malware
The Iranian hacking group Agrius has come up with a new destructive malware, Apostle, that combines the functionality of a wiper and ransomware. Unlike ransomware groups that are purely motivated by money, Agrius’ new addition focuses on cyberespionage and destruction.

Top Vulnerabilities Reported in the Last 24 Hours

New Bluetooth flaws
Seven newly discovered weaknesses in Bluetooth Core and Mesh Profile Specifications can be abused to launch MitM attacks. Collectively, they can enable malicious actors to impersonate legitimate devices and establish a secure connection without the knowledge of the victim. The impacted vendors include Cisco, Intel, Red Hat, Microchip Technology, and Cradlepoint.

Mozilla patches a bug
Mozilla has patched a flaw that arises because imported OpenPGP keys were saved to users’ devices without encryption. The flaw is tracked as CVE-2021-29956 and can allow attackers to send emails pretending to be from genuine senders.

Apple fixes three zero-days
Apple has released security updates for three zero-day vulnerabilities that are being exploited in the wild. The flaws affect iOS, macOS, tvOS, and iPadOS. One of the flaws has been abused by the XCSSET malware to bypass macOS privacy protections. The flaws are tracked as CVE-2021-30663, CVE-2021-30665, and CVE-2021-30713.

Trend Micro issues security patches
Trend Micro has addressed three security flaws found in Home Network Security devices that could be exploited to elevate privileges or achieve arbitrary authentication. The flaws are tracked as CVE-2021-32457, CVE-2021-32458, and CVE-2021-32459.

Faulty plugin
An easy-to-exploit bug impacting the WordPress plugin ReDi Restaurant Reservation could have allowed hackers to access reservation data stored by site owners. The flaw (CVE-2021-24299) is a cross-site scripting bug that has been fixed in version 21.0307.


Posted on: May 25, 2021

