
Cyware Daily Threat Intelligence, May 30, 2022


Researchers uncovered a new zero-day in MS Office that poses a threat to fully patched applications. Submitted from Belarus, it can fetch malicious code without being detected in a multi-stage attack. Meanwhile, Microsoft helped mce Systems patch a high-severity bug in pre-installed Android apps that concerned millions of users.

Another threat came to notice after EnemyBot was found rapidly expanding to multiple platforms. In the ongoing campaign, hackers were spotted targeting recently disclosed flaws in VMware, F5 BIG-IP, and Android.


Top Breaches Reported in the Last 24 Hours


Insider attack may have hit Verizon
Verizon experienced a breach that exposed the full names, email addresses, corporate ID numbers, and contact details of its employees. Hackers have allegedly demanded a $250,000 ransom. The stolen data was verified by Motherboard. According to the claims, the hackers convinced a Verizon employee, which helped them gain remote access to the company's corporate network.

MFA compromised at Spirit Super
Spirit Super, a Tasmanian-based industry, leaked sensitive records in the aftermath of a phishing attack. As many as 50,000 members were impacted by the attack, which leveraged a staff member's compromised email account. Hackers disguised their message as official correspondence, which helped them overcome MFA challenges during the operation.


Top Malware Reported in the Last 24 Hours


EnemyBot gets aggressive
Recently disclosed critical flaws in VMware products, F5 BIG-IP devices, and Android systems were found to be facing threats from the operators of the EnemyBot botnet. The latest findings reveal that the bot now includes exploits for 24 vulnerabilities, including bugs that don't even have a CVE number. Moreover, its source code was found on GitHub.


Top Vulnerabilities Reported in the Last 24 Hours


Zero-day in MS Office
Researchers warned about Follina, a zero-day in Microsoft Office that may have been abused by cyber adversaries. Successful exploitation of the bug could let an unauthorized individual achieve arbitrary code execution on the affected Windows machine. Additionally, researchers found that the malicious code is executed even if macros are disabled.

Critical flaws in pre-installed Android apps
Microsoft reported a number of vulnerabilities in pre-installed Android apps in a mobile framework built by mce Systems. Hackers could exploit them for remote access, to launch local attacks that access system configuration, or to steal sensitive user information. The vulnerabilities affected apps that had millions of downloads.


Posted on: May 30, 2022

