
Cyware Daily Threat Intelligence September 07, 2021


Cybercrime is a psychological game, and ransomware operators are making clever use of victims' fear and anxiety to maximize the chances of a payout. In a new update, the Ragnar Locker ransomware gang has threatened to leak its victims' stolen data if they contact law enforcement agencies or data recovery experts. This puts added pressure on victims who are not willing to pay the ransom.

Threat actors are increasingly using Microsoft Office documents to distribute malware. Researchers found that the operators of Emotet relied heavily on Word docs to distribute the trojan.

Top Breaches Reported in the Last 24 Hours

Dotty’s affected
A cyberattack on U.S. fast food and gambling chain service Dotty’s has affected the personal data of customers. The potentially affected data includes customer names, dates of birth, social security numbers, passport numbers, health insurance information, and medical records, among others. 

Visa website hacked
The visa website of the French government has suffered a sophisticated cyberattack that led to a data breach. As a result, the hackers gained unauthorized access to the nationalities, birth dates, and passport numbers of applicants.

Howard University attacked
Howard University has temporarily halted its classes following a ransomware attack that occurred last week. The attackers have disrupted internet service, along with other critical systems.
 
Top Malware Reported in the Last 24 Hours

Ragnar Locker’s new strategy
The operators behind Ragnar Locker have come up with a new strategy to extort their victims. They are warning that they will leak the stolen data if victims attempt to contact law enforcement agencies. The threat also applies to victim organizations that contact data recovery experts.

Malicious use of Microsoft docs
Microsoft Office documents have been used in 38% of attacks to hide malware, a new report suggests. One notable piece of malware spread via Word documents is Emotet.

Top Vulnerabilities Reported in the Last 24 Hours

Pac-resolver receives a patch
A very popular NPM package called pac-resolver has been fixed to address a remote code execution flaw. The flaw can allow an attacker to remotely run malicious code inside a Node.js process by sending a specially crafted HTTP request to users.

Atlassian Confluence flaw exploited
The recently disclosed flaw in the Atlassian Confluence service has been exploited in an attack to install a cryptocurrency miner. The attack occurred last week, and the flaw in question is tracked as CVE-2021-26084. It is an OGNL injection issue that could be exploited to execute arbitrary code on a Confluence Server or Data Center instance.

Netgear fixes flaws
Netgear has released dozens of firmware updates to fix several issues in its switches. Three of these flaws have received severity scores between 7.4 and 8.8. Netgear identifies the bugs as PSV-2021-0140, PSV-2021-0144, and PSV-2021-0145.


Posted on: September 07, 2021

