Weekly Threat Briefing: Notorious MyDoom Worm Still on AutoPilot After 15 Years

The intelligence in this week’s iteration discusses the following threats: APT, Data exposure, Malspam, Phishing, Ransomware, Targeted attacks, Threat groups, and Vulnerabilities. The IOCs related to these stories are attached to the Community Threat Briefing and can be used to check your logs for potential malicious activity.


Trending Threats


200 Million Enterprise, Industrial, and Medical Devices Affected by RCE Flaws in VxWorks RTOS (July 29, 2019)

Armis researchers have discovered 11 vulnerabilities in the real-time operating system “VxWorks,” which is used by over 200 million devices. VxWorks is used by organizations in the industrial and medical sectors and runs on numerous types of devices and equipment such as elevators, firewalls, industrial controllers, patient monitors, printers, MRI machines, and VOIP phones. Six of the vulnerabilities can result in Remote Code Execution (RCE) and are registered as CVE-2019-12256, CVE-2019-12255, CVE-2019-12260, CVE-2019-12261, CVE-2019-12263, and CVE-2019-12257. The other five vulnerabilities can result in denial-of-service, information exposure, and logical errors, and are registered as CVE-2019-12258, CVE-2019-12262, CVE-2019-12264, CVE-2019-12259, and CVE-2019-12265. At the time of this writing, no observations of these vulnerabilities have been identified in the wild.


Brazilian Financial Service Exposed 250GB of Local Banks’ Customer Data via Unsecured Server (July 28, 2019)

An unsecured server owned by an unnamed Brazilian financial service provider and containing approximately 250GB of data has been identified, according to Data Group researchers. The data consisted of Personally Identifiable Information (PII) including scanned ID cards, social security numbers, and documents related to proof of address and service request forms. Rese ..
