Cyware Daily Threat Intelligence, October 23, 2020


New variants of cyber scams are opening opportunities for online scammers. In the past 24 hours, a new phishing campaign has been found targeting Microsoft Office 365 users through a fake automated message from Microsoft Teams. The ultimate goal of the scam is to pilfer login credentials from Office 365 users. 

A unique tech support scam combined with a browser locker scam has also been observed in the last 24 hours. In this campaign, the scammers are leveraging Facebook to distribute malicious links that ultimately redirect victims to a browser locker page. The campaign also uses several layers of deception, including the abuse of a cross-site scripting flaw on a Peruvian site.

Top Breaches Reported in the Last 24 Hours

Vastaamo data breach
Hackers have held thousands of Vastaamo customer records for ransom. The healthcare company, for its part, has reported the data breach to federal agencies. It is working closely with the agencies to boost the security of its systems.

Data of over 200 million users on sale
It has been found that a hacker is selling personally identifiable information of over 200 million Americans on a dark web forum. This includes the voter registration data of 186 million Americans. Researchers fear that the data can be used by threat actors for disinformation campaigns and other malicious activities.

Shionogi hit
Japanese drug firm Shionogi was hit by a cyberattack earlier this month. Following the attack, the attackers released stolen documents, including the import license of medical equipment and employee residency permit, on the dark web. The attackers have threatened to release more information unless a ransom is paid.

Dr Reddy’s lab breached
A data breach at Dr Reddy’s Laboratories has forced the pharma giant to temporarily shut its operations across the globe. The company is reviewing the extent of the breach and, at the same time, has deployed required security measures to protect its systems.

Top Vulnerabilities Reported in the Last 24 Hours

NVIDIA releases patches
NVIDIA has issued security updates for the Windows NVIDIA GeForce Experience (GFE) app to address vulnerabilities that could enable attackers to execute arbitrary code, escalate privileges, gain access to sensitive info, or trigger a Denial of Service (DoS) state on systems running unpatched software. CVE-2020-5977 is rated as the highest severity bug and scores 8.2/10 on the CVSS scale. 

Top Scams Reported in the Last 24 Hours

Tech support scam
Researchers have observed a new tech support scam combined with a browser locker scam. Threat actors are relying on Facebook to distribute malicious links that ultimately redirect victims to a browser locker page. The approach is unique because it involves a few layers of deception, including abuse of a cross-site scripting vulnerability on a popular website.

Office 365 users targeted
Researchers are warning of a phishing campaign that pretends to be an automated message from Microsoft Teams. The ultimate goal of the campaign is to steal Office 365 users’ login credentials.


Posted on: October 23, 2020
