Cyware Daily Threat Intelligence
Daily Threat Briefing • Jan 6, 2022
Weak passwords are a security red flag for any website or database, and cybercriminals are quick to seize the opportunity. New York’s Office of the Attorney General (OAG) revealed that around 17 well-known online retailers, restaurant chains, and food delivery services were affected by several credential stuffing attacks over the past months.
Cybercriminals are never short of devious tricks, and this time they abused the ‘Comment’ feature in Google Docs. Using this trick, the attackers sent malicious links to over 500 inboxes through 100 different Gmail accounts.
A data leak incident that affected the personal data of SEGA customers was also reported in the last 24 hours.
Top Breaches Reported in the Last 24 Hours
SEGA suffers data leak
A leaky AWS S3 bucket exposed sensitive data belonging to gaming giant SEGA. The bucket contained API keys, data of hundreds of thousands of members of Football Manager forums, and keys to SEGA Europe’s MailChimp.
Cyberattack affects Element Solutions
Florida-based Element Solutions has updated its security protocols following a cybersecurity incident. The company had detected an intrusion on some of its IT systems, after which it notified relevant law enforcement authorities as part of its incident response.
Bernalillo County impacted
The IT network of the Bernalillo County government in New Mexico has been affected by a ransomware attack. As a result, government buildings and public offices across the cities of Albuquerque, Los Ranchos, and Tijeras were forced to close to prevent the spread of the attack.
Credential stuffing attacks discovered
Around 17 well-known online retailers, restaurant chains, and food delivery services were targeted in credential stuffing attacks over the past several months, says a new report from New York’s OAG. The OAG was able to confirm the attacks after it investigated thousands of posts that contained credentials of more than 1.1 million customer accounts.
Phishing attack spotted
A wave of phishing attacks identified in December was found targeting Outlook users by exploiting a flaw in Google Docs’ Comments feature. This enabled the attackers to send malicious links to more than 500 inboxes across 30 tenants. Attackers targeted users of Google Docs by adding a comment to a document that mentioned the targeted user with an ‘@’, which automatically sends an email to that person’s inbox.
Top Vulnerabilities Reported in the Last 24 Hours
VMware issues updates
VMware has shipped updates to address a security vulnerability affecting its Workstation, Fusion, and ESXi products. The flaw is a heap-overflow vulnerability tracked as CVE-2021-22045. If successfully exploited, it can lead to the execution of arbitrary code.
Top Scams Reported in the Last 24 Hours
Bogus QR codes scamming Austin people
People in Austin are being targeted in a scam that makes use of fake QR codes placed at public parking meters. The fake QR codes are being used to pilfer financial information from users. The police authorities are urging people to be cautious of such scams and look out for any tampering on the parking meter while making a payment.
Investors scammed out of $50 million
Nearly 70 investors fell victim to a long-running internet-based fraud operation that tricked them with various investment opportunities. The victims were directed to 150 different fraudulent sites as a part of the scam carried out by a cybercriminal posing as FINRA broker-dealers. As a result, the fraudster was able to make roughly $50 million in a span of eight years.