Updated: Nov 26, 2021
Top Breaches Reported in the Last 24 Hours
Iranian railway system hacked
A cybersecurity researcher at SentinelOne has disclosed that the cyberattack that brought down Iran's national railways earlier in July involved a new reusable wiper malware known as Meteor.
Chipotle's Account Used for Phishing Attacks
An email marketing account belonging to Chipotle has been hacked by cybercriminals in a phishing campaign. During the phishing operation, more than 120 malicious emails were sent from a hacked Mailgun account. American businesses used this account for marketing purposes (mail.chipotle.com).
Transnet hit by cyberattack
South Africa’s ports and the freight rail operator were hit by a ransomware attack using a strain of ransomware called Death Kitty.
Top Malware Reported in the Last 24 Hours
Threat Spotlight: SolarMarker
Cybersecurity researchers are closely tracking a SolarMarker campaign that dates back to September 2020. The malware is capable of stealing sensitive data such as credit card details. As of now, researchers have collected the evidence.
On July 21, 2021, Malwarebytes Labs identified a sophisticated suspicious document named “Манифест.docx” (“Manifest.docx”). The malware is capable of accessing files stored on a compromised Windows system and of downloading and executing malicious payloads. It has not yet been disclosed who might be behind this attack.
Eight malicious Python packages
Researchers found eight malicious Python packages that were downloaded more than 30,000 times. The packages have been removed from the PyPI repository for containing malicious code. The malicious package code could allow an attacker to spread malware through typosquatting, dependency confusion, or simple social engineering attacks. The eight malicious packages are pytagora, pytagora2, noblesse, genesisbot, are, suffer, noblesse2, and noblessev2.
Cybersecurity experts from Microsoft uncovered a malicious campaign dubbed BazaCall, an ongoing malware campaign that tricks victims into downloading the BazarLoader malware onto their systems. The campaign leverages bogus call centers and phishing emails to target victims. The attackers' main motive is to distribute ransomware and steal confidential data and credentials.
Active Cozy Bear C2 servers
RiskIQ reported that it has identified more than thirty active command-and-control (C2) servers belonging to APT29 (The Dukes, Yttrium, Cozy Bear), which the US government associates with Russia’s Foreign Intelligence Service (SVR). The servers are actively serving malware (WellMess, WellMail). This malware was previously used in espionage campaigns targeting COVID-19 research in the UK, US, and Canada.
Top Vulnerabilities Reported in the Last 24 Hours
Flawed Download Manager plugin
A recent vulnerability in the WordPress Download Manager plugin could be abused to execute arbitrary code under specific configurations. It is tracked as CVE-2021-34639 and has a CVSS score of 7.5. Because of the flaw, attackers are able to upload files with php4 extensions, which might be executed under certain circumstances.
Top Scams Reported in the Last 24 Hours
PayPal Phishing
Cofense Phishing Defense Center analysts have disclosed a new phishing campaign that steals account details. The email contains a phishing link that leads recipients to a bogus PayPal live chat page.