Published 3 days ago Previous

Cyberthreats for the week of 2019-04-08 to 2019-04-15

Use ThreatView to manage your Cybersecurity threats.

© RiskView Inc. 2019

Phishing AttacksEQ Bank0.02Tangerine Bank0.06Desjardins Financial0.1National Bank of Canada0.14Laurentian Bank0.18Vancity0.22Servus Credit Union0.26Manulife Financial0.3TMX0.34iA Financial0.38IFDS0.42Rogers0.46Bell0.5Fido0.54Shaw Communications0.58Sun Life Financial0.62Bank of Montreal0.66Telus0.7HSBC Bank0.74RBC Royal Bank0.78Scotiabank0.82American Express0.86ATB Financial0.9TD Bank0.94CIBC0.9801020304050607080010.973076923076924443.2692307692308EQ Bank010.973076923076924425.53846153846155Tangerine Bank010.973076923076924407.8076923076923Desjardins Financial010.973076923076924390.0769230769231National Bank of Canada010.973076923076924372.34615384615387Laurentian Bank010.973076923076924354.61538461538464Vancity010.973076923076924336.8846153846154Servus Credit Union010.973076923076924319.1538461538462Manulife Financial010.973076923076924301.42307692307696TMX010.973076923076924283.69230769230774iA Financial010.973076923076924265.9615384615385IFDS010.973076923076924248.2307692307692Rogers010.973076923076924230.5Bell010.973076923076924212.76923076923075Fido010.973076923076924195.03846153846152Shaw Communications114.276062493972807177.30769230769235Sun Life Financial217.57904806486869159.57692307692312Bank of Montreal217.57904806486869141.84615384615384Telus527.488004777556338124.11538461538467HSBC Bank734.0939759193481106.38461538461537RBC Royal Bank940.69994706113986688.65384615384609Scotiabank1973.7298027700986970.92307692307692American Express2283.6387594827863353.192307692307644ATB Financial2593.5477161954739835.46153846153842TD Bank80275.2119225947475317.730769230769255CIBCPhishing Attacks00000000000000012257919222580

Threat TypesData Breaches0.0625Vulnerabilities0.1875Scanner0.3125Botnet0.4375Spam0.5625Malware0.6875Dark Web0.8125Phishing0.937501000200030004000500060007000212.243707216961894194.26201923076923Data Breaches35424.674638940717113168.90144230769232Vulnerabilities188978.88338949743377143.5408653846154Scanner6508242.0040532247786118.18028846153847Botnet78039.71889153821632692.81971153846153Spam14317.2231429358524867.45913461538463Malware1212.59685868638675642.0985576923077Dark Web7954293.0697557036139616.737980769230766PhishingThreat Types235418896508780143127954

Vulnerabilities by Buzz level (354 total)Low0.1666666667Med0.5High0.833333333304080120160200240280320351303.394900127496874.66666666666666Low114.64806787237726745.5Med215.47305882167760816.33333333333334HighVulnerabilities by Buzz level (354 total)35112

High Risk Vulnerabilities

Published Summary CVE Number
2019-04-08 18:29

In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected.

Risk Score: 7.2

CVE-2019-0211
2019-04-09 17:29

An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0796, CVE-2019-0805, CVE-2019-0836.

Risk Score: 7.2

CVE-2019-0841
2019-04-09 18:29

GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and earlier for macOS may allow an attacker to access authentication and/or session tokens and replay them to spoof the VPN session and gain access as the user.

Risk Score: 7.5

CVE-2019-1573

Cybersecurity Breaches

Published Organization Details
2019-04-08 Knuddels
knuddels.de

In September 2018, the German social media website [Knuddels suffered a data breach][1]. The incident exposed 808k unique email addresses alongside usernames, real names, the city of the person and their password in plain text. Knuddels was [subsequently fined €20k for the breach][2]. [1]: https://forum.knuddels.de/ubbthreads.php?ubb=show… [2]: https://blog.avira.com/german-flirting-network-ge… Data Leaked: Email addresses, Geographic locations, Names, Passwords, Usernames Domain: knuddels.de

Source: Have I Been Pwned?

2019-04-09 DataCamp
datacamp.com

In December 2018, the data science website [DataCamp suffered a data breach][1] of records dating back to January 2017. The incident exposed 760k unique email and IP addresses along with names and passwords stored as bcrypt hashes. In 2019, [the data appeared listed for sale on a dark web marketplace][2] (along with several other large breaches) and subsequently began circulating more broadly. The data was provided to HIBP by a source who requested it to be attributed to "BenjaminBlue@exploit.im". [1]: https://support.datacamp.com/hc/en-us/articles/36… [2]: https://www.theregister.co.uk/2019/02/11/620_mill… Data Leaked: Email addresses, Geographic locations, IP addresses, Names, Passwords Domain: datacamp.com

Source: Have I Been Pwned?

Important Cybersecurity News

The Hacker News1 day ago by info@thehackernews.com (Swati Khandelwal)

Hackers Compromise Microsoft Support Agent to Access Outlook Email Accounts

If you have an account with Microsoft Outlook email service, there is a possibility that your account information has been compromised by an unknown hacker or group of hackers, Microsoft confirmed The Hacker News. Earlier this year, hackers managed to breach Microsoft's customer support portal and ...

The Hacker News3 days ago by info@thehackernews.com (Mohit Kumar)

WikiLeaks Founder Julian Assange Arrested After Ecuador Withdraws Asylum

WikiLeaks founder Julian Assange has been arrested at the Ecuadorian Embassy in London—that's almost seven years after he took refuge in the embassy to avoid extradition to Sweden over a sexual assault case. According to a short note released by London's Metropolitan Police Service, Assange was arr...