
Cyware Daily Threat Intelligence, September 19, 2022


A water tank management system from a top manufacturer is affected by a critical vulnerability, and the flaw remains unpatched. After exploiting the flaw, an attacker can easily change various system settings, such as those related to tank details, sensors, and alarm thresholds. Furthermore, gamers appear to be the preferred targets of threat actors at the moment. In the latest update, Microsoft has warned online gamers of an ongoing fraud campaign that it is tracking closely.

A New York-based emergency medical care provider has been the victim of a ransomware attack wherein attackers obtained access to sensitive customer information. Although no information about the perpetrators was provided, analysts speculated that the attack could have been carried out by the Hive ransomware organization.

Top Breaches Reported in Last 24 Hours


Hacker leaks GTA 6 clips
A threat actor attacked Rockstar Games' Slack server and Confluence wiki to steal Grand Theft Auto (GTA) 6 gameplay videos and source code, and shared them on GTAForums. A total of 90 videos, along with the stolen data, were posted on an online forum. Some videos included information on game features while others contained voice conversations. The threat actor, who also claimed to have pilfered GTA 5 source code, aims to extort the victim. The adversary currently denies selling the GTA 6 source code; however, they are offering the GTA V source code for over $10,000.

Ambulance services systems breached
An emergency medical services provider in New York, Empress EMS, confirmed a ransomware attack on its network. The records impacted include patient names, insurance information, SSNs, and service dates relating to 318,55 patients. The company did not mention the hacker group responsible for the attack. However, researchers pointed out that the Hive ransomware gang could be behind the double extortion ransomware attack.

Vietnam couple deletes IHG data for fun
A Vietnamese hacker couple, dubbed TeaPea, led a cyberattack against Intercontinental Hotels Group (IHG). They reportedly accessed the company's internal Outlook e-mails, Microsoft Teams chats, and server directories. The couple originally planned a ransomware attack; however, they ended up performing a wiper attack and deleted large volumes of data. The couple later told the BBC about the crime and provided screenshots as proof.

Top Malware Reported in Last 24 Hours


LockerGoga decryptor released
Bitdefender, Europol, and others have released a free decryptor for the LockerGoga ransomware, which has infected over 1,800 entities in 71 countries and caused an estimated $104 million in damage since 2019. Police personnel studied the material recovered during the 2021 arrests and determined the private keys needed to retrieve the ransomware-encrypted data. Security experts requested that the impacted parties register a criminal complaint in their countries.

Top Vulnerabilities Reported in Last 24 Hours


Critical flaw affects Kingspan product
Kingspan’s TMS300 CS water tank management system was found to be affected by a critical vulnerability, identified as CVE-2022-2757. The security hole can be exploited remotely, and an attacker can modify various parameters related to tank details, alarm thresholds, and sensors. The product lacks correctly implemented access control rules, allowing an attacker to pass the device parameters by browsing specific URLs.

Top Scams Reported in Last 24 Hours


Game cheats a medium for scams
Microsoft is reportedly monitoring a large-scale fraud campaign aimed at gamers, which it tracks under the moniker DEV-0796. Attackers monetize clicks generated by a browser node-WebKit or by browser extensions that they deploy on infected devices. An ISO file, masquerading as game hacks and cheats, is downloaded on the victim’s machine and, when opened, installs node-WebKit. DMG files are also used to distribute the software on macOS.


Posted on: September 19, 2022

