It has been found that at least 65,000 routers have been compromised by botnet operators and cyber-espionage groups (APTs) to create proxy networks in order to carry out illegal activities. Hackers are abusing the Universal Plug and Play (UPnP) protocol that comes with all modern routers to proxy bad traffic and hide their real location.
Chtonic banking malware
Hackers are breaching legitimate websites in order to spread Chtonic banking malware, a variant of ZeusVM, to users through fake alerts for browser updates. This attack method has been in use since December last year. To stay safe, users are advised not to click on random pop-ups asking them to download browser updates.
SAP has released its April 2018 Security Patch Day update, a collection of 10 security patches that address critical vulnerabilities in web browser controls in SAP Business Client. The patches also address a DoS flaw (tracked as CVE-2017-7668), an improper session management flaw (CVE-2018-2408) and a code injection vulnerability.
Screen lock bypass vulnerability in iOS
A screen lock bypass flaw has been discovered in the Signal app for iOS, versions prior to 18.104.22.168. The bug is triggered by a click sequence that includes opening the app, clicking on cancel and using the home button. Users are advised to update to Signal app’s version 2.23.2 to stay safe.
Multiple vulnerabilities in Simple DirectMedia Layer
Several security flaws have been discovered in Simple DirectMedia Layer's SDL2_Image library, version 2.0.2. The vulnerabilities include CVE-2018-3837, an exploitable information disclosure flaw; CVE-2018-3838, an information vulnerability in XCF image rendering functionality; and CVE-2018-3839, a code execution vulnerability.
The United Kingdom has launched a cyber attack campaign against the Islamic State group to hinder the group's ability to coordinate attacks and to suppress its propaganda. The National Cyber Security Centre (NCSC) and UK law enforcement have also designed a new categorization brief for cyber attacks in order to improve consistency and speed in incident responses.
A data breach at GWR
Britain's Great Western Rail (GWR) has recently suffered a data breach incident where the company’s customer accounts were accessed by the hackers. Only 1000 accounts were directly affected out of more than one million. Customers are advised to change their passwords immediately.
Radar and other Bridge systems breached
A simulated penetration test has been conducted by ethical hacking experts from Naval Dome to check how vulnerable radar systems are. The experts were able to breach ECDIS, voyage data recorders, and radar systems. This was done so adeptly that no suspicion was aroused.
Posted on: April 12, 2018