Threat Intelligence Cybersecurity Hacking News July 26, 2021

Updated: Aug 4


Threat Intelligence

Another major blind spot in email security checks! An email spam campaign that went undetected for weeks was found to deliver malware to users’ devices. The most unusual aspect of this spam campaign was its use of the HTML smuggling attack technique, which allowed major threat actors to fly under the radar.



Meanwhile, enterprises have been provided with some mitigation measures to prevent the newly discovered PetitPotam NTLM attack, which affects Windows systems. The attack abuses the Encrypting File System Remote (EFSRPC) protocol. Also, keep away from fake Windows 11 downloaders that are being distributed in the wild. The main motive of these fake downloaders is to infect users’ systems.


Top Breaches Reported in the Last 24 Hours

THORChain loses $8 million

THORChain, a cross-chain DeFi protocol, has suffered a loss of around $8.3 million following a hack. Anonymous hackers stole Ether cryptocurrency by exploiting multiple vulnerabilities in the firm’s ETH router.

Signal’s blooper

Signal has fixed a major bug in its Android app that caused random images to be sent to the wrong contacts. The bug was first reported in December 2020.


Top Malware Reported in the Last 24 Hours

Delivering malware

Threat actors made use of the HTML smuggling technique in a weeks-long email spam campaign to deliver malware to user devices. The technique enabled threat actors to bypass email security gateways.

Fake Windows 11 installer

Threat actors have created multiple fake versions of Windows 11 installers to distribute malware to victims’ systems. The fake software is offered to users in the form of links. There have been reports of these fake Windows 11 downloaders delivering adware and other malware payloads to computers.

Top Vulnerabilities Reported in the Last 24 Hours

PetitPotam attack

Microsoft has released mitigation measures to address the recently disclosed PetitPotam NTLM attack, which can allow attackers to take control of Windows systems. The attack abuses the Encrypting File System Remote (EFSRPC) protocol. A PoC for the exploitation of the flaw has been published on GitHub.