Threat Intelligence Cybersecurity Hacking News July 27, 2021
Updated: Aug 4, 2021
Threat Intelligence
Zero-day vulnerabilities are again on the rise, and so are the opportunities for threat actors who are always trying to exploit such major security flaws. Cybersecurity researchers have warned multiple times about three new zero-day vulnerabilities that affect Kaseya’s Unitrends service. All users are advised not to expose the service to the internet until the updated patches are released. Apple users heaved a sigh of relief as the firm released an emergency patch to address a zero-day flaw that could be abused to run malicious code on iOS, iPadOS, and macOS.
A major, sophisticated attack that exploited a deserialization flaw in the Checkbox Survey ASP.NET application has been reported in the last 24 hours. The notorious Praying Mantis threat group carried out the attack, targeting U.S. organizations.
Top Breaches Reported in the Last 24 Hours
Kaseya denies paying ransom
Kaseya has denied paying any ransom to cybercriminals. The company announced last week that it had obtained a universal decryptor from a “trusted third-party” that would allow customers to recover their files without paying.
BRI Life data on sale
Indonesia's BRI Life is probing a reported data leak affecting 2 million users. An anonymous user has shared a post on the RaidForums website regarding the sale of around 460,000 documents stolen from BRI Life clients.
Top Vulnerabilities Reported in the Last 24 Hours
Checkbox Survey vulnerability exploited
A major flaw disclosed in the Checkbox Survey tool has been exploited in recent attacks against organizations in the U.S. by a threat group that might be linked to China. The attacks involve CVE-2021-27852, a deserialization-related code execution vulnerability affecting Checkbox Survey, an ASP.NET tool designed for adding survey functionality to websites.
New Kaseya vulnerabilities
Cybersecurity researchers have warned against three new zero-day vulnerabilities in the Kaseya Unitrends service. Users are advised not to expose the service to the internet until the updated patches are released. The vulnerabilities are related to remote code execution and privilege escalation.
SeriousSAM vulnerability
Microsoft Windows 10 and 11 users are at high risk from a new unpatched vulnerability that was recently disclosed publicly. The SeriousSAM vulnerability can allow attackers with low-level permissions to access Windows system files to perform a pass-the-hash attack. It is tracked as CVE-2021-36934 and exists in the default configuration of Windows 10 and Windows 11. Microsoft has suggested workarounds to mitigate the vulnerability.
Apple issues zero-day patch
Apple has released patches for a zero-day vulnerability in iOS, iPadOS, and macOS. The flaw, tracked as CVE-2021-30807, affects the iGiant’s IOMobileFrameBuffer code and can be abused to run malicious code on the affected devices.