Share Blog post
Mirai-like Scanning activity detected
Researchers have observed an influx of activities coming from 3,423 IP addresses of scanners used in China. The attack behavior is found to be similar to that of the Mirai botnet. The infection method involves continuous scanning on the internet in order to find vulnerable devices and then using default credentials to hijack them. 167 routers, 16 IP cameras, and 4 digital video recorders (DVRs) were used to in the scanning activity.
Microsoft has released the April edition of its monthly security update which has fixed a total of 67 CVE-listed vulnerabilities. One of the important patch released is for the Wireless Keyboard 850 vulnerability (CVE-2018-8117). The flaw allowed attackers to reuse the keyboard's AES encryption key to record keystrokes or inject malicious commands into a victim's computer.
Spectre Variant 2 patched
AMD has released microcode updates to mitigate exploitations by variant 2 of the Spectre flaws. The update covers patches for AMD processors dating back to the first 'Bulldozer' core products which were introduced in 2011.
CVE-2018-0950 partially patched
Among all the fixes released by Microsoft in its April edition, the old Outlook vulnerability (CVE -2018-0950) seems to have not been completely patched. After applying the update, the system administrator needs to follow some further workarounds like locking inbound and outbound SMB connections at the network border and NTLM Single Sign-on (SSO) authentication. The so-called CVE-2018-0950 vulnerability allowed hackers to steal user account passwords and NTLM hashes from Windows computers.
Posted on: April 11, 2018
Get the Daily Threat Briefing delivered to your email!
More from Cyware
Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.