Cyware Daily Threat Intelligence April 10, 2018

Top Malware Reported in the Last 24 Hours
PUBG ransomware
Security researchers have discovered a new ransomware going by the name PUBG ransomware. It takes an unusual approach to decryption: victims are asked to play the game PlayerUnknown's Battlegrounds to recover their files. The ransomware appends the '.PUBG' extension to the names of encrypted files.

FormBook malware
The new FormBook malware exploits behavioral design flaws in .docx and RTF, along with the CVE-2017-8570 flaw, to infect a system. It bypasses security tools by using embedded URLs instead of active code. Once it has infected a system, the malware takes screenshots and steals personally identifiable information.

Ransomware attacks continue
The National Cybersecurity and Communications Integration Center (NCCIC) has observed an increase in ransomware attacks across the world. Organizations are advised to strictly maintain cyber security hygiene, such as regularly updating systems, creating frequent backups, etc., in order to stay safe from such attacks.

Top Vulnerabilities Reported in the Last 24 Hours
SirenJack Flaw
A flaw has been discovered in the popular emergency alert system supplied by ATI Systems. Exploiting this flaw could allow hackers to hijack the sirens and trigger false alarms. The exploitation is carried out via radio frequencies, so hackers have to be within radio range.

Critical vulnerability in CyberArk
A remote code execution (RCE) flaw, tracked as CVE-2018-9843, has been discovered in the CyberArk Enterprise Password Vault application. It would allow hackers to gain unauthorized access to the system with the privileges of the web application. To stay safe, users are advised to upgrade their software to version 9.9.5, 9.10 or 10.2.

Top Breaches Reported in the Last 24 Hours
Vevo’s YouTube account hacked
The YouTube account of Vevo was hacked by cyber criminals, who deleted its most watched music video on YouTube, ‘Despacito’. The video was unavailable on YouTube for over an hour but is back again. The hackers behind this attack called themselves Prosox & Kuroi’SH and wrote ‘Free Palestine’ underneath the videos.

St Maarten Government ICT hit
A cyber attack hit the government organization of Sint Maarten, resulting in a complete shutdown of the ICT system in the government building. The building has also been closed, and services dealing with the public are not yet operational.

AU website hacked, again!
The official website of Andhra University (AU) was hacked by a Pakistani hacker who has previously defaced many Indian government sites. Even though the site has since been restored, it is still not properly visible to visitors.


