Cyware Daily Threat Intelligence, May 27, 2022

Zyxel flaws have been making headlines for the past two weeks, but the recent patch alert is especially important for U.S. firms. Another patch came from Cisco that addresses a severe heap overflow bug, which an unauthorized user can abuse to launch DoS attacks.

Furthermore, cybercriminals were found dropping an updated version of Magniber ransomware on Windows 11 machines. The malware uses the RSA+AES encryption scheme to encrypt files. Also, do watch out for a WhatsApp scam that can compromise your account in just a few minutes.


Top Breaches Reported in the Last 24 Hours


Ransomware setback for a New Jersey county
A ransomware attack crippled the networks of Somerset County, New Jersey. The attack disrupted most of its online services such as email services, as well as access to land records, vital statistics, and probate records. While some of its services were restored, it is expected that the situation will be back to normal in a week or so.


Top Malware Reported in the Last 24 Hours


Magniber meets Windows 11 users 
A new variant of the Magniber ransomware was spotted in a new attack aimed at Windows 11 systems. The attack is propagated via various online forums, cracked software websites, and fake pornographic websites, among others. Hackers ask victims to pay the ransom within five days or threaten to double the ransom amount.


Top Vulnerabilities Reported in the Last 24 Hours


Cisco tackled heap overflow attack
Cisco addressed a heap overflow vulnerability, tracked as CVE-2022-20737 (CVSS 3.0 score of 8.5), in Cisco Adaptive Security Appliance (ASA). By abusing the vulnerability, an attacker may trigger a DoS condition and gain access to sensitive data such as session cookies, various configuration data, usernames, and passwords.

Zyxel warns against flaws
Zyxel alerted its clients to four bugs affecting its firewall, AP Controller, and AP products. These could be exploited to compromise targeted systems and harvest sensitive data from machines. Though these bugs are not critical, the firm has still strongly urged network admins to upgrade their devices without much delay.

Urgent patch for VMware customers
Security researchers at Horizon3 released a PoC exploit and technical analysis for a critical authentication bypass vulnerability affecting multiple VMware products. A threat actor can exploit the critical flaw, CVE-2022-22972, to gain privileged access. Hence, customers were urged to install patches immediately. The flaw affects Workspace ONE Access, vRealize Automation, and VMware Identity Manager (vIDM).


Top Scams Reported in the Last 24 Hours


WhatsApp hijack in minutes
CloudSEK unearthed a new WhatsApp scam that enables hackers to hijack users' accounts using a simple phone call. First, hackers call a victim on numbers starting with '67' or '405' and then convince them to call back. If and when that happens, the user is logged out of their WhatsApp account and the hackers get complete control of the account within a few minutes.

Posted on: May 27, 2022

