Go to listing page

Cyware Daily Threat Intelligence, September 01, 2021

Cyware Daily Threat Intelligence, September 01, 2021

Share Blog Post

The booming cybercrime-as-a-service scheme has got a new attack technique at the disposal of cybercriminals. An anonymous threat actor has been found selling a PoC for an exploit that can enable attackers to execute malicious code from the GPU of a compromised system. The PoC can be used on GPUs from Intel, AMD, and NVIDIA.

Researchers have sounded an alert about the rise in BEC scams as scammers have launched a drive to recruit English speakers. Over the course of 2021, several popular Russian-speaking cybercriminal forums have been found posting adverts on multiple hacker forums to drive the recruitment process. With this, threat actors aim to launch further scams against users in North America and Europe.

Top Breaches Reported in the Last 24 Hours

Ransomware attacks suspected
Several federal agencies have published a joint advisory about the tendency of ransomware attacks during the extended weekend for the upcoming US Labor Day. The agencies have highlighted the names of several ransomware gangs that wreaked havoc against U.S. organizations over the past several months.

Top Malware Reported in the Last 24 Hours

New tool to hide malware on sale
A cybercriminal is selling the PoC for a technique that can allow attackers to execute malicious code from the Graphics Processing Unit (GPU) of a compromised computer. The affected GPUs include those from Intel, AMD, and NVIDIA.

Top Vulnerabilities Reported in the Last 24 Hours

Flaws in WooCommerce plugin
A pair of security vulnerabilities in the WooCommerce Dynamic Pricing and Discounts plugin can allow attackers to inject malicious code into websites running unpatched versions. The first flaw is related to the cross-site scripting and the second one is due to a setting export problem. These flaws have been patched in version 2.4.2 of the plugin.

A flaw in Linphone SIP Stack
A serious vulnerability affecting the Linphone Session Initiation Protocol (SIP) clients can allow malicious actors to remotely crash applications. The flaw, tracked as CVE-2021-33056, can be exploited by sending specially crafted INVITE requests to the targeted client.

Top Scams Reported in the Last 24 Hours

New BEC scheme launched
In a bid to pull off more BEC scams, threat actors have launched a drive to recruit English speakers. Over the course of 2021, several popular Russian-speaking cybercriminal forums have been found posting adverts to accelerate the recruitment process. With this, threat actors aim to launch scam attacks against users in North America and Europe.

Students targeted in a scam
A Nigeria-based cybercriminal group has been found targeting college and university students in a new scam that pilfers their personal and financial information. The group poses as employees from a consulting company and offers fake job offers over emails. The targets are asked to fill in their details in a link attached to the email.

 Tags

bec scams
linphone sip stack
nvidia
woocommerce plugin

Posted on: September 01, 2021


More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.