CyberIntelMag's Threat report

Weekly Cyber Threat Report, December 27 – December 30, 2021

Welcome to CyberIntelMag’s weekly roundup, a place where you can find the most important stories in the cybersecurity world from the past week.

From the good news: This week’s good news includes Blackmagic fixing severe DaVinci Resolve code execution vulnerabilities, United States Vice President Kamala Harris pushing for a cyber policy in the country, Log4j 2.17.1 fixing a new RCE flaw, state employees getting paid even after a ransomware attack, data breach laws in India set to become even more robust in 2022, and others.

  • Two exploitable vulnerabilities in Blackmagic Software’s famous DaVinci Resolve software were recently fixed. Previously, attackers could use them to gain code execution on unpatched systems.
  • Vice President Kamala Harris believes that the US requires a cyber doctrine. She is, in fact, pushing for one to fight against cyberattacks and hackers.
  • The K-12 Cybersecurity Act was signed into law by President Joe Biden. It sets out four goals aimed at improving the cybersecurity of K-12 educational institutions in the US.
  • Log4j 2.17.1 was published by Apache to address CVE-2021-44832, a newly discovered remote code execution (RCE) weakness in 2.17.0.
  • Despite a ransomware attack affecting a software provider that helps administer the state’s payroll system, 60,000 West Virginia state employees will be paid on time this week.
  • According to local media reports, Indian authorities are planning to crack down on data breaches and tighten laws for storing sensitive data. The rules would require companies to report data breaches within 72 hours.


From the bad news: This week’s bad news includes Inetum becoming the victim of a ransomware attack, Shutterfly services being interrupted by the Conti ransomware, many QNAP NAS devices being infected by eCh0raix ransomware, the Bluetooth reboot of Fisher-Price’s pre-school play phone having an adult privacy flaw, the flex capacity space of modern SSDs containing hidden malware, and others.

  • A ransomware attack hit Inetum Group, the French IT services provider, with a modest impact on the main infrastructures, communication, collaboration tools, or delivery operations for Inetum clients.
  • The Conti ransomware has reportedly locked thousands of computers and stolen business data at Shutterfly, a company that specializes in customized pictures and photography.
  • The Bluetooth reboot feature of the Fisher-Price Chatter Special Edition pre-school play phone has been found to carry a very adult threat instead: the prospect of being watched at home.
  • Users of QNAP NAS (Network-Attached Storage) devices claim that the eCh0raix ransomware, also known as QNAPCrypt, has infected their systems. The associated malware gives threat actors access to systems with administrator privileges.
  • Several Showbox movie piracy app clones in Samsung’s Galaxy store may infect smartphones with malware. Most of them obtain permissions that can be abused to access contacts, call records, and the phone.
  • Two LastPass vice presidents have issued statements in response to the security vulnerabilities that surfaced this week with LastPass. After security alerts, they affirm that there’s no sign of compromised accounts.
  • D.W. Morgan, a logistics giant, has an open Amazon S3 bucket holding over 100 GB of sensitive data concerning shipments and the company’s clients, including significant Fortune 500 companies like Cisco and Ericsson.
  • The ransomware attack that crippled IT systems and live broadcasts of Cox radio and TV stations earlier this year was carried out by DEV-0270, an Iranian threat actor.
  • According to recent research, an ongoing Autom crypto mining campaign has updated its arsenal while improving its defensive evasion strategies, allowing threat actors to conceal intrusions and remain undetected.
  • Korean cybersecurity experts developed a series of attacks against some solid-state drives (SSDs) that might allow malware to be installed in a location beyond the reach of the user and security solutions.
  • According to analysts, the number of malicious inactive domains is increasing, and around 22.3 percent of strategically aged domains constitute a threat. They can be abused to launch attacks and support malicious activities.

About the author

CIM Team

CyberIntelMag is the trusted authority in cybersecurity, comprised of leading industry experts for over 20 years, dedicated to serving cybersecurity professionals. Our goal is to provide a one-stop shop for knowledge and insight needed to navigate throughout today’s emerging cybersecurity landscape through in-depth coverage of breaking news, tutorials, product reviews, videos and industry influencers.