Go to listing page

Cyware Daily Threat Intelligence January 2, 2019

Cyware Daily Threat Intelligence January 2, 2019

Share Blog Post

Top Breaches Reported in Last 24 Hours

Saint John's parking system breach
The data breach at the City of Saint John's parking ticket system is much larger than expected. The recent investigation highlights that the breach involved multiple instances where intruders gained access to confidential data of customers on the City's server through the Click2Gov payment system. The breach could have impacted individuals who used the website from early 2017 to December 16, 2018.

DarkOverlord group strikes again
The infamous DarkOverlord hacking group has made a comeback. The group has hacked law firms that handle cases related to the September 11 attacks. After gaining access to the documents, the group has threatened to disclose the related internal files in public if a ransom is not paid. The firms hacked by the threat actor includes Hiscox Syndicates Ltd, Lloyds of London, and Silverstein Properties. 

Victoria public servant data breached
The work details and other personal data of 30,000 Victorian public servants have been compromised in a data breach after hackers gained unauthorized access to Victorian Government directory. The directory included the work emails, job description and work contact numbers of employees.

Top Malware Reported in Last 24 Hours

Ryuk Ransomware
Ryuk ransomware is believed to be used in a massive attack that affected newspaper organizations in the US. 'The Times', one of the affected newspapers in the attack, shared a screenshot of a ransom note titled 'RyukReadMe' - which is similar to message reported in other incidents related to Ryuk ransomware. The malware is also suspected to have disrupted printing operations of several newspapers

Operation Cloud Hopper
The China-based cyber espionage group, APT10, has been linked with the latest attack campaign dubbed as 'Operation Cloud Hopper'. The campaign is centered on stealing intellectual property and other sensitive data from organizations. APT10 has been previously linked to attacks on construction companies, aerospace firms, telecoms and public firms. 

Emotet trojan
The Communications Authority of Kenya has raised an alert about the detection of Emotet trojan. The trojan has been found targeting network systems. So far, 11 cases related to the Emotet's attack have been observed by National Computer Incident Response Team Coordination Centre. The trojan can be a potential risk for organizations as it is capable of deleting or overwriting the data and files.

Top Scams Reported in Last 24 Hours

PayPal phishing scam
Scammers have been observed using Twitter to promote fake PayPal phishing scam. The scam involves the creation of an account that appears to be a legitimate PayPal account and promoting an end-of-year sweepstakes event. In the fake promotional event, the users are asked to verify their accounts by clicking on a malicious link - paypall-christmasgifts[.]com to win PayPal's New Year prizes. The scammers are leveraging such scams to steal credit card and personal details. In order to stay safe, users are advised to check the spelling of the URL before clicking on it. The 'PayPal' has been misspelled as 'Paypall'. The users should visit the original website to find out the authenticity of such offers.


ryuk ransomware
paypal phishing scam
emotet trojan
darkoverlord group
operation cloud hopper

Posted on: January 02, 2019

More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.

The Virtual Cyber Fusion Suite