Cyware Daily Threat Intelligence, November 26, 2021

Hello there, happy Black Friday shopping! While you shop like a pro and make the best use of the offers, here’s a piece of news that can save your day. Scammers have added a new twist to gift card scams that ultimately result in the download of malware. These fake gift cards are distributed via malicious websites that pretend to offer gift cards for brands such as Amazon, Roblox, Google, and PS5. Unfortunately, this whole thing ends up in scammers emptying your cryptocurrency wallets.

The FBI’s recent warning to organizations to remain vigilant against ransomware is something to be taken seriously, as maritime giant Swire Pacific Offshore (SPO) comes under attack. It is believed to be the work of the Cl0p ransomware gang. In other news, a North Korean hacker group attempted to target South Korean security companies by posing as Samsung recruiters.

Top Breaches Reported in the Last 24 Hours

Swire Pacific Offshore attacked
The Cl0p ransomware gang is believed to be behind an attack on Swire Pacific Offshore (SPO). The company claims that personal and classified proprietary information might have been exposed in the incident. 

Huntington Hospital discloses breach
Huntington Hospital has sent out a notice about a data breach incident that affected the personal details of approximately 13,000 patients. The incident occurred after an employee improperly accessed electronic medical patient records. The exposed data includes telephone numbers, birth dates, addresses, internal account numbers, and medical record numbers of patients.

Pfizer reveals data breach incident
Pharmaceutical giant Pfizer revealed that more than 12,000 confidential files related to the COVID-19 vaccine were stolen in a security breach incident. The stolen files also included info on the development of new drugs. 

NPC compromised
A cyberattack affected the personal information of 22,000 S&R members in the Philippines. The incident was discovered on November 14. According to the report, members’ personal data such as dates of birth, contact numbers, and genders were compromised.

North Korean hackers target Samsung
North Korean hackers posed as Samsung recruiters in a bid to target employees at South Korean security companies that offer anti-malware solutions. The attackers made fake job offers that were sent over phishing emails. The ultimate purpose of the attack was to install a backdoor trojan on the victim’s computer. 
 
Top Malware Reported in the Last 24 Hours

New CronRAT malware
CronRAT is a newly discovered RAT that targets Linux systems. To avoid detection, the malware employs a never-before-seen obfuscation technique that involves hiding in the Linux task scheduling system (cron) on February 31st. According to researchers, the malware was used to inject payment skimmers in server-side Magecart data theft to bypass browser-based security solutions.
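For defenders, the scheduling trick described above can be hunted for directly. The following is an added example, not code from Cyware or the researchers: it flags crontab entries whose day-of-month and month fields can never coincide with a real calendar date, generalizing from February 31st to any impossible combination. The function names and the sample crontab are constructed for illustration.

```python
import re

# Highest day that can ever occur in each month (Feb 29 exists in leap years).
MAX_DAY = {1: 31, 2: 29, 3: 31, 4: 30, 5: 31, 6: 30,
           7: 31, 8: 31, 9: 30, 10: 31, 11: 30, 12: 31}
MONTH_NAMES = {n: i for i, n in enumerate(
    "jan feb mar apr may jun jul aug sep oct nov dec".split(), start=1)}

def expand(field, lo, hi, names=None):
    """Expand one cron field (lists, ranges, steps, names) into a set of ints."""
    values = set()
    for part in field.lower().split(","):
        rng, _, step = part.partition("/")
        if rng == "*":
            start, end = lo, hi
        else:
            a, _, b = rng.partition("-")
            start = (names or {}).get(a) or int(a)
            end = ((names or {}).get(b) or int(b)) if b else start
        values.update(range(start, end + 1, int(step) if step else 1))
    return values  # out-of-range values are kept on purpose so they get flagged

def impossible_date_entries(crontab_text):
    """Return (line number, entry) for entries scheduled on a date that never occurs."""
    findings = []
    for lineno, line in enumerate(crontab_text.splitlines(), start=1):
        entry = line.strip()
        # Skip blanks, comments, @macros and environment assignments.
        if not entry or entry.startswith(("#", "@")) or re.match(r"^\w+\s*=", entry):
            continue
        fields = entry.split(None, 5)
        if len(fields) < 5:
            continue
        try:
            days = expand(fields[2], 1, 31)
            months = expand(fields[3], 1, 12, MONTH_NAMES)
        except ValueError:
            continue  # unparsable field; out of scope for this check
        # Day-of-week is ignored: the test is whether the calendar date can exist.
        if days and months and all(d > MAX_DAY.get(m, 0) for m in months for d in days):
            findings.append((lineno, entry))
    return findings

# Constructed sample crontab, not taken from any real host.
SAMPLE = """\
# constructed sample crontab
MAILTO=root
15 3 * * * /usr/local/bin/backup.sh
0 0 31 2 * /usr/bin/true
0 12 30,31 feb,apr * /opt/app/report
0 6 31 1-12 * /opt/app/month-end
30 1 31 4,6,9,11 * /opt/app/never
@reboot /usr/local/bin/agent
"""

if __name__ == "__main__":
    for lineno, entry in impossible_date_entries(SAMPLE):
        print(f"line {lineno}: {entry}")
```

A hit is a lead for review rather than proof of compromise; feed the function the output of `crontab -l` for each user and the contents of the system cron files.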

Top Vulnerabilities Reported in the Last 24 Hours

Windows faulty patch
Hackers have started creating malware in a bid to bypass the patch meant for a privilege escalation flaw (CVE-2021-41379). The new flaw can allow attackers to gain administrator-level privileges. It affects every version of Windows systems, including fully patched Windows 11 and Server 2022. 

Flawed plugin patched
Two vulnerabilities affecting the Hide My WP WordPress plugin have been patched by the developers. While one of them is an SQL injection flaw, the other can enable attackers to deactivate the software. 
  
Top Scams Reported in the Last 24 Hours

Gift card scams revamped
Cyber experts warn that scammers have revamped gift card scams to install malware designed to sniff out a victim’s cryptocurrency wallet address. These counterfeit gift cards are distributed via malicious websites that people can use to generate codes for all kinds of gift cards. In order to look more convincing, these websites use major brands such as Amazon, Roblox, Google, Xbox, and PS5. 


Posted on: November 26, 2021

