Go to listing page

Cyware Daily Threat Intelligence, October 14, 2022

Cyware Daily Threat Intelligence, October 14, 2022

Share Blog Post

Another tech support scam is being floated by a cybercriminal group. Attackers have developed multiple phishing sites that display fake Windows Defender alerts to users. Since last month, researchers have spotted over 50 such phishing websites. In another update, HP Wolf Security laid bare an attack campaign distributing Magniber ransomware. In this campaign, Windows home users are being targeted with fake software updates.

Attention! eCommerce websites running over the Adobe Magento platform need to update their systems as the firm has released a warning about a stored cross-site scripting (XSS) bug. By abusing the bug, a threat actor can seize control of your eCommerce sites. 

Top Breaches Reported in the Last 24 Hours


RansomExx leaks 52GB of healthcare data
Consorci Sanitari Integral, a Spanish public entity that provides medical and social services, was targeted by the RansomExx ransomware group, which has allegedly published 52GB of stolen data on the dark web. Reports say emergency services remained unaffected owing to the attack but medical equipment for specialist visits, including x-ray machines, were unavailable.

Top Malware Reported in the Last 24 Hours


Magniber creeps through false security updates
Windows users’ computers are being targeted through fraudulent websites that are promoting fake antivirus and security updates for Windows 10. Accessing these files activates malicious operations and drops ZIP archives that help threat actors launch Magniber ransomware operations. Furthermore, adversaries request payment of up to $2,500 from users to receive a decryption tool and access their files.

Top Vulnerabilities Reported in the Last 24 Hours


PoC exploit for Fortinet bug released online
PoC exploit code for the critical authentication bypass vulnerability, tracked as CVE-2022-40684, was released online. The bug in FortiGate firewalls affects FortiOS versions from 7.0.0 to 7.0.6 and from 7.2.0 to 7.2.1. Whereas, the bug impacted FortiProxy web proxy versions from 7.0.0 to 7.0.6,  and 7.2.0 is also impacted. The availability of the exploit poses risks of active targeting of devices by cybercriminals.

eCommerce platforms susceptible to cyberattacks
Adobe calls for attention against a top priority bug in Adobe Magento that could let an unauthenticated user completely compromise e-commerce platforms. The XSS flaw, identified as CVE-2022-35698 and has the full CVSS score of 10, can lead to arbitrary code execution. Hence, the firm has urged customers to update their systems to protect their websites from abuse of the flaw.

Microsoft’s email encryption is leaky
According to WithSecure researchers, a security hole in Microsoft Office 365 Message Encryption (OME) could be leaking sensitive information. OME utilizes the Electronic Codebook (ECB) implementation, which is an operational mode that could leak certain structural information about messages. Such contents could be deciphered to partially or fully understand the message, depending upon how well cybercriminals analyze the location and frequency of repeated patterns for a particular message.

Top Scams Reported in the Last 24 Hours


Phishing sites with fake Windows Defender alert
Cyble Research & Intelligence Labs unearthed a phishing scam wherein criminals impersonated Microsoft support sites to show potential victims a fake Windows Defender alert. The alert warns victims about their system being locked and that they need to get in touch. Through this, scammer attempt to access victims’ machines and infect those with malware.

 Tags

fortinet fortiproxy
poc exploit code
office 365 message encryption
ransomexx
magniber
fake windows defender alert
fortinets fortios
ecommerce websites
consorci sanitari integral
adobe magento

Posted on: October 14, 2022


More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.