ZeroFox Daily Intelligence Brief - June 22, 2023
by Alpha Team

ZeroFox Intelligence collects, curates, and analyzes information derived from open and proprietary sources. Please find today’s daily roundup to give you and your clients an advantage over the adversary.
Brief Highlights
- Apple Issues Patch To Stop “Triangulation” Spyware That Hit Kaspersky
- iOttie Reveals Credit Card Data Breach Following Site Hack
- UPS Discloses Customer Information Data Breach Used in SMS Phishing Attacks
- Vulnerabilities: CVE-2023-33933, CVE-2021-3468, and CVE-2023-31196
- Exploits: CVE-2013-1979 and CVE-2014-0038
- Breaches: Telegram: Logz_5GB[.]7z Botnet Breach, Credit Card Data Breach: 2023-6-21, and BreachForums/XSS: Learn French by Podcast Data Breach
Apple Issues Patch To Stop “Triangulation” Spyware That Hit Kaspersky
Apple has issued patches for iOS, macOS, iPadOS, and watchOS to fix three zero-day vulnerabilities that were recently abused to deploy Triangulation spyware on iPhones of Kaspersky employees. This zero-click exploit can infect iPhones through malicious messages sent over iMessage and allow attackers to execute arbitrary code with kernel privileges. Because the spyware is deployed in memory, all traces of the implant are lost when the device gets rebooted.
iOttie Reveals Credit Card Data Breach Following Site Hack
Car mount and mobile-accessory manufacturer iOttie has disclosed that its website was compromised by malicious scripts from April 12, 2023 to June 2, 2023, which led to the exposure of customers' credit card details and personal information. iOttie has urged customers who made purchases during this period to monitor their financial accounts for any fraudulent activity.
UPS Discloses Customer Information Data Breach Used in SMS Phishing Attacks
Multinational shipping company UPS has issued data-breach letters to its Canadian customers, alerting them that their personal data may have been compromised through its online package look-up tools and subsequently exploited in phishing attacks. The company received several reports of phishing attempts from customers, both from within Canada and outside. UPS has implemented measures to restrict access to data and is notifying affected individuals.
VULNERABILITIES
- CVE-2023-33933 - Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Traffic Server.
- CVE-2021-3468 - A flaw was found in avahi in versions 0.6 up to 0.8.
- CVE-2023-31196 - Missing authentication for critical function in Wi-Fi AP UNIT allows a remote unauthenticated attacker to obtain sensitive information of the affected products.
EXPLOITS
- CVE-2013-1979 - Linux Kernel Capability file_ns_capable() Privilege Escalation Vulnerability
- CVE-2014-0038 - Linux Kernel 3.13.1 Recvmmsg Privilege Escalation
BREACHES
- Telegram: Logz_5GB[.]7z Botnet Breach - (450,507 Records) | Email address and password
- Credit Card Data Breach: 2023-6-21 - (bc7301 | 2815) | Credit card
- BreachForums/XSS: Learn French by Podcast Data Breach - (120,739 Records) | Email address and password
Tags: DIB, tlp:green