Go to listing page

Cyware Daily Threat Intelligence February 14, 2019

Cyware Daily Threat Intelligence February 14, 2019

Share Blog Post

Top Breaches Reported in the Last 24 Hours

Image-I-Nation Technologies breached
Image-I-Nation Technologies was breached in a possible supply chain attack. The attack occurred sometime in November 2018, resulting in the compromise of the consumer report database. The compromised database contained customers’ sensitive information such as their full names, dates of birth, home addresses, and social security numbers.

DataCamp breach
Online data science learning platform DataCamp has reported a data breach. The breach occurred on February 11, 2019, after hackers gained unauthorized access to its systems. The information compromised in the breach includes customers' names, email addresses, locations, company, biography, education details and pictures. 

Bank of Valletta suffers an attack
Recently, a massive cyber-attack was carried out against the Bank of Valletta, where 13 million Euros got transferred out of the bank via false international transactions. Transactions were made to bank accounts in four countries–the US, the UK, Czechia, and Hong Kong. Upon discovery, the firm took immediate action and blocked the transactions.

Top Malware Reported in the Last 24 Hours

New phishing campaign
A new phishing campaign that claims the recipients' that their email is blacklisted has been discovered recently. The campaign goes with the subject line of '<security@myonlinesecurity.co.uk> BLACKLISTED’and uses phishing links that contains almost 1,000 characters. The email pretends to be from the victim’s mail domain's support department and states that the email has been blacklisted due to multiple login failures. 

New variant of Astaroth trojan
A new variant of Astaroth trojan has been spotted by security researchers. The malware is capable of bypassing the antivirus software to steal user credentials. The trojan disguises as .JPEG, .GIF, or an extensionless file to avoid detection when executed on a machine. It is distributed through spam campaigns. Once installed, it connects with a C2 server and exfiltrates data about the infected computer.

Top Vulnerabilities Reported in the Last 24 Hours

Microsoft Office bugs
Security researchers have discovered several bugs in Microsoft Office features that can be exploited to perform a range of attack techniques. These flaws discovered are information disclosure vulnerability (CVE-2019-0561) and bypass flaw (CVE-2019-0540) While the first flaw exists when Word macro buttons are improperly used, the second flaw exists when Office doesn't validate URLs.

Apache OpenOffice flaw patched
A remote code execution vulnerability affecting the Apache OpenOffice open source productivity suite has received an unofficial security patch. The flaw in question is tracked as CVE-2018-16858 can allow an attacker to execute code by getting the targeted user to open a specially crafted document. 

Cisco patches NAE vulnerability
Cisco has released a security update to address a vulnerability in Network Assurance Engine (NAE). An attacker can exploit this vulnerability - dubbed as CVE-2019-1688 - to obtain sensitive information. The flaw exists due to a fault in the password management system of NAE.

Top Scams Reported in the Last 24 Hours

Online romance scams
The Federal Trade Commission (FTC) is alerting users about internet romance scams. In this type of scam, scammers gain the confidence of their victims and later trick them into sending money. FTC has advised people to be cautious while using online dating sites and that they should never send money or gifts to someone not known personally. The images of the person must be checked meticulously. The texts must also be observed as scammers often stick to a specific script while deceiving multiple people at one time.


supply chain attack
astaroth trojan
remote code execution vulnerability
phishing campaign
user credentials

Posted on: February 14, 2019

More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.

The Virtual Cyber Fusion Suite