Go to listing page

Cyware Daily Threat Intelligence, November 30, 2020

Cyware Daily Threat Intelligence, November 30, 2020

Share Blog Post

At a time where biologists and scientists are pushing hard for the development of potential vaccines to combat the COVID-19 pandemic, it can be dangerous if cybercriminals foil their efforts to produce toxins or synthetic viruses. In new research, a group of academics has revealed that unwitting scientists could become victims of a new biohacking technique that involves injecting malware into targeted computers and replacing substrings in DNA sequencing.

Meanwhile, the DoppelPaymer ransomware operators earned $500,000 in ransom after targeting Delaware County. In the same line, the Conti ransomware gang has demanded a ransom of about $14 million from Advantech after stealing sensitive files and documents related to the firm.

Top Breaches Reported in the Last 24 Hours

Banijay targeted
French multinational production and distribution firm, Banijay Group SAS, has become the latest target of DoppelPaymer ransomware. Certain personal data of current and ex-employees may have been compromised, along with commercially sensitive information. Banijay did not report what the attackers are seeking in ransom, however, it’s likely to be a seven-figure amount.

Delaware County pays ransom
Pennsylvania’s Delaware County has paid $500,000 in ransom to restore its systems following a ransomware attack. According to local media, the ransomware operators have compromised systems containing sensitive information, including police reports and payroll. The county said that its Bureau of Elections and Emergency Services Department was not affected by the attack.

Advantech affected
Conti ransomware operators have demanded a nearly $14 million ransom from IIoT chip maker Advantech to decrypt affected systems and stop leaking stolen company data. The ransomware gang has leaked 2% of the stolen data, including a list of files in the ZIP archive, on their data leak site.

Top Malware Reported in the Last 24 Hours

New macOS backdoor
A new macOS backdoor malware is suspected to be used by the Vietnamese threat actor group OceanLotus (APT32) in recent attacks. The sample masquerades as a Word document, but in an effort to evade detection, it is packaged in a ZIP folder that contains unique characters. The abilities of the backdoor include fetching and running files, executing commands in the terminal, and getting configuration information.

Top Vulnerabilities Reported in the Last 24 Hours

New biohacking technique
A new form of biohacking technique has the potential to disrupt operations in the biological research sector. The attack focuses on infecting a biologist’s computer with malware and replacing substrings in DNA sequencing at the same time.

Vulnerable EtherNet/IP (ENIP) stack
A critical flaw in Real-Time Automation’s (RTA) 499ES EtherNet/IP stack could allow attackers to take control of industrial control systems, Tracked as CVE-2020-25159, the stack overflow flaw scores 9.8 out of 10 on the CVSS scale. The vulnerability could cause a denial-of-service situation, and depending on other conditions, could expose a device running older versions of the protocol to remote code execution.

 Tags

ethernetip enip stack
dna sequencing
macos backdoor
delaware county
advantech

Posted on: November 30, 2020


More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.


Learn More About Cyware Solutions!