Cyware Daily Threat Intelligence November 8, 2018

Top Malware Reported in the Last 24 Hours

XSS flaw
Security researchers discovered an XSS flaw in Microsoft's Evernote app. The flaw, tracked as CVE-2018-18524, impacted Evernote for Windows 6.14 and, if exploited, could allow attackers to compromise accounts, hijack browsers and use exploit kits to execute malware payloads. Fortunately, the flaw was quickly addressed and patches were issued by Evernote. Users are advised to upgrade to the latest version of the Evernote app.

Zero-day vulnerability
A Russian security researcher uncovered a zero-day flaw in VirtualBox. The vulnerability could allow attackers to escape the virtual environment of the guest machine by making use of root or administrative privileges. The first step in exploiting the flaw is to create an integer underflow condition using packet descriptors. This condition is then used to read data from the guest OS and cause an overflow condition. The flaw remains a threat as a patch has yet to be released. Users are advised to switch their virtual machines' network cards to PCnet.

Top Breaches Reported in the Last 24 Hours

Cloud data leak
A misconfigured cloud database exposed the data of 700,000 American Express India customers. The data was left exposed on an unprotected MongoDB server. The leaked data included customers' full names, phone numbers, email addresses, PAN card numbers, and Aadhaar IDs. Though the database was mostly encrypted and required a decryption key to view, 689,272 records were stored in plaintext. Amex secured the leaky database on the same day that it was alerted about it and said that no unauthorized parties had gained access to it.

Massive bank cyberheist
In a shocking turn of events, the head of the cybercrime branch of Pakistan's Federal Investigation Agency (FIA) confirmed that hackers hit nearly all banks in Pakistan. Hackers have reportedly managed to steal the data of nearly 8,000 bank account holders from 10 different banks and put it up for sale on the dark web. In a second data dump, hackers advertised an additional 11,000 records belonging to customers of 21 different Pakistani banks on the dark web. Experts believe that the attack was orchestrated by hackers outside Pakistan using a combination of card-skimming and phishing.
