Go to listing page

Cyware Daily Threat Intelligence December 28, 2018

Cyware Daily Threat Intelligence December 28, 2018

Share Blog Post

Top Breaches Reported in the Last 24 Hours

Nova Entertainment breached
Nova Entertainment has suffered from a breach that may have affected personal data of 261,948 Australians. The breach occurred between 2009 and 2011 and the data compromised in the incident includes usernames, passwords residential addresses, birth dates, email addresses, phone numbers, genders of individuals. However, the firm said that no financial information or copies of ID were affected. The radio station also mentioned that no existing systems of Nova were impacted in the breach. The radio station has informed the Office of Australian Information Commissioner(OAIC) and is working closely with law enforcement agencies to resolve the issue. In addition, it is working towards enhancing the security of its systems.

Top Malware Reported in the Last 24 Hours

New Shamoon variant
A new variant of Shamoon disk-wiping malware has surfaced recently. The malware obfuscates detection by behaving like the system optimization tool Enigma version 4. The variant uses a digital signature from Baidu that was issued on March 25, 2016, and expired on March 26, 2016. The malware is capable of deleting files from infected machines and making the machines unbootable. According to researchers, the new sample uses an image of a burning US dollar as a part of its destructive attack. It also disguises as legitimate software such as 'Baidu PC Faster' and 'Baidu WiFi Hotspot Setup'. Threat actors are using the variant to target oil and gas companies in the Middle East as well as small firms in Europe. The malware variant is uploaded on VirusTotal scanning platform from France. 

Top Vulnerabilities Reported in the Last 24 Hours

A flaw in Guardzilla cameras
Researchers have detected a critical security flaw in Guardzilla's indoor surveillance devices. The flaw could allow attackers to access users'stored files and videos. It is found that all of the security cameras use the same hardcoded keys, thus making it easy for the attackers to hack passwords by exploiting the bug. Each device uses the same set of hardcoded keys to upload video recording to the company's Amazon S3 bucket. Hackers can use these keys to gain full access to the company's cloud storage, thereby putting the customers' data at risk. Experts believe that only updating the firmware and keys won't be enough to fix the issue. It requires a complete change of keys and establishing a proxy service. 


shamoon disk wiping malware
nova entertainment
guardzilla cameras
amazon s3 bucket

Posted on: December 28, 2018

More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.

The Virtual Cyber Fusion Suite