Threat Reports

Silobreaker Daily Cyber Digest – 23 October 2018

 

Ongoing Campaigns

iPhone users vulnerable to fake Spotify iTunes email

  • iPhone users are being warned of a new scam that uses a phishing email claiming to be from Apple and Spotify, aimed at stealing Apple login details.

Source

 

Leaks and Breaches

Trade.io loses $7.5 million in cryptocurrency after wallet hack

  • The Trade.io cryptocurrency exchange has admitted to a security breach that led to the theft of over 50 million Trade tokens (TIO) worth $7.5 million. The attack that occurred on Sunday 21st October 2018, targeted the exchange’s cold storage wallets from which funds were withdrawn. The perpetrator behind the attack remains unknown.
  • The stolen funds belong to Trade.io and are ‘held in reserve to funnel into its liquidity pool’ in cases of trading activity peaks. The incident does not affect users registered on the exchange nor has any impact on day-to-day trading activity, ZDNet reports.

Source

 

Vulnerabilities

File overwrite bug in Windows 10

  • Build 1809 of Windows 10 does not appear to be prompting users if they wish to overwrite files when a zip file is extracted. Normally, a confirmation prompt is offered, but this has disappeared, allowing a user to inadvertently overwrite documents.
  • According to an IT Staff Engineer at Microsoft, this issue has been patched in Windows 10 build 18234.

Source

 

Tools and scripts leveraging Libssh vulnerability released

  • Following the discovery and publication of CVE-2018-10933, a vulnerability in libssh, multiple scripts and tools have been released allowing easy remote exploitation of systems running vulnerable versions. These include a script by Leap Security that will scan for vulnerable devices, and another by ‘Kshitij Khakurdikar’ that will actually exploit it. Vendors with affected devices have released advisories regarding the vulnerability.

Source

 

Signal application stores data in plaintext during upgrade

  • Security researcher Matt Suiche tweeted that Signal, an encrypted messaging application, appears to save text and attachment data in unencrypted text files on a user’s disk, in order to import it into Signal Desktop when transitioning from the Signal Chrome Extension.
  • Each folder is named after a contact, including their contact details, and chat conversations are stored in JSON format within each folder.

Source

 

General News

Future Investment Initiative website targeted by cyber attack

  • The website of the Saudi Future Investment Initiative (FII) 2018 was taken down on Monday, following an apparent cyber attack. Messages criticizing Saudi Arabia’s role in the war in Yemen and accusing the kingdom of terrorist financing were displayed. The actor behind the attack remains unknown.
  • The summit is taking place between October 23rd and October 25th, 2018.  

Source

 

The Silobreaker Team

Disclaimer: Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.

More News

  • Silobreaker Daily Cyber Digest – 22 March 2019

      Ongoing Campaigns Dr Web reports Flexnet banking trojan targeting users of Android devices Flexnet banking trojan is reportedly based on GM bot trojan...
  • Silobreaker Daily Cyber Digest – 21 March 2019

      Malware New Carbanak Gang tools discovered by Flashpoint Flashpoint researchers reported on newly discovered tools used by the Carbanak Gang in a campaign...
  • Silobreaker Daily Cyber Digest – 20 March 2019

      Malware Malicious Office document analysed by ZLAB Researchers at Cybaze-Yoroi ZLAB discovered a malicious Office document with a payload capable of bypassing AppLocker...
View all News

Request a demo

Get in touch