
Cyware Daily Threat Intelligence, October 25, 2019


Cybercriminals are increasingly impersonating each other to hide their tracks as part of advanced attack techniques. In a new finding, researchers have uncovered that a group of criminals is posing as the infamous ‘Fancy Bear’ threat group in an attempt to extort businesses. The criminals threaten to launch DDoS attacks on targeted organizations if they fail to pay a ransom amount of 2 bitcoins. 

The past 24 hours also saw massive phishing attack campaigns worldwide. One of the campaigns involves attacks against human rights organizations across the world. The affected organizations include the Red Cross, UNICEF, the UN World Food and the UN Development programs. The purpose of the campaign is to steal login credentials. 

In another incident, Ocala city has lost a sum of $500,000 after a scammer tricked an employee. The scammer pretended to be a construction contractor working with the city and sent an email asking for payment for the services via electronic transfer.

Top Breaches Reported in the Last 24 Hours

7-Eleven fuel app data breach
A technical issue in the popular petrol-buying app run by 7-Eleven has exposed the personal details of customers. The issue allowed customers to view the names, email addresses, mobile numbers and dates of birth of other users. Upon discovery, the firm took the app offline and rectified the issue. 7-Eleven has informed Australian law enforcement agencies about the breach. 

Ocala city loses $500,000
Ocala city has suffered a loss of around $500,000 in a phishing email attack which was discovered recently. The scammer impersonated a current construction contractor working with the city and requested payment for services via electronic transfer. While the email was phony, the underlying invoice was legitimate. 

Clover Sites breached
An unprotected database associated with Clover Sites left customers’ data exposed on the internet for at least six to seven months. The database held 65,800 records containing customers’ names, billing information, contact address and the last four digits of credit card numbers. It also included internal comments about calls, help requests, and notes on customer satisfaction.

Top Malware Reported in the Last 24 Hours

Human Rights organizations attacked
A new phishing campaign targeting a slew of human rights organizations across the world has been discovered. The affected organizations include the Red Cross, UNICEF, the UN World Food and the UN Development programs. The motive of the attack is to compromise the credentials of targeted sites.

Cybercriminals disguise themselves as Fancy Bear
A group of criminals posing as the ‘Fancy Bear’ threat actor group is demanding ransom payments from companies in the financial sector. The group threatens to launch a DDoS attack on a targeted company if it fails to pay the amount. The ransom demanded from each company stands at $15,000 (approximately 2 bitcoins).

Hackable smart bulbs
A new study has revealed that smart light bulbs can be hacked to steal users’ personal data. The hack misuses the infrared capabilities of the targeted bulb to either steal data or spoof other connected IoT devices on the home network.    

Apple removes 17 malicious apps
Apple has removed 17 malicious apps from its App Store after they were reported to be infected with malware. These apps were found to contain clicker trojan malware designed to generate revenue for their developers. The list of infected apps included productivity, travel, platform utility, a restaurant finder, and video-editing apps from India-based AppAspect Technologies.

Top Vulnerabilities Reported in the Last 24 Hours

Samsung fixes fingerprint glitch
Samsung has rolled out a software patch for the Galaxy S10 and Note10 to address glitches that allowed anyone to bypass their built-in fingerprint authentication sensors. The fix comes after Samsung admitted last week that anyone can bypass the Galaxy S10 fingerprint sensor if a third-party silicon case is enclosing the phone. 

Google releases patches
Google has patched three serious Chrome vulnerabilities that can be exploited to escape the web browser’s sandbox. Two of these flaws are use-after-free vulnerabilities in the media component. They are tracked as CVE-2019-13695 and CVE-2019-13699. The third vulnerability is a buffer overrun in the Blink browser engine (CVE-2019-13700).     

Top Scams Reported in the Last 24 Hours

Free cash scam
Scammers are taking advantage of the legitimate ‘free money’ campaigns for the Cash App peer-to-peer payment service to target Twitter, Instagram, and YouTube users. The scam works by making fake promises of financial gain to users. The scammers ask Cash App users to send small amounts between $10 and $1000 with a pledge of returning huge sums, even ten times higher. The scammers leverage the #CashApp hashtag to promote their scam. Apart from money, the scam also works with gift cards.



Posted on: October 25, 2019
