Share Blog post
The Russian malware author, TheBottle, has developed a commodity botnet malware family called SquirtDanger. The malware is spread via illicit software downloads and persists via a scheduled task that is set to run every minute. SquirtDanger is equipped to take screenshots, send files, clear browser cookies, list processes, kill process among hoards of other tasks.
XiaoBa ransomware has been reprogrammed
Magnitude EK now downloads GandCrab
The Magnitude exploit kit no longer downloads Magniber ransomware. It is now using a fileless technique to load the GandCrab ransomware. The payload is encoded and embedded in a scriplet that is later decoded in memory and executed, thus making the method difficult to detect.
Around 32 vulnerabilities have been discovered in Foscam’s range of IP cameras, C1--a 1-megapixel cube indoor IP camera. These flaws have already been fixed. However, security researchers worry that it is a repeat of what happened last year. In June last year, Foscam had released a firmware update to address 19 remote injection vulnerabilities.
VR software vulnerable to attacks
Virtual reality systems like the HTC Vive and Oculus Rift were found to be vulnerable to cyber attacks by researchers from the University of New Haven. These systems don't have any kind of protection to avoid or stop a cyber attack and have the potential to cause real-world consequences.
A data breach has hit Ikea's TaskRabbit app. The app and website have been taken down while investigating the cybersecurity incident. The nature of the incident hasn't been revealed yet. However, the UK’s information commissioner’s office has mentioned that they’re looking into this situation.
Data firm leaks user profiles
Localblox, a data firm that collected personal profiles of 48 million combining data from sites and social networks like Facebook, LinkedIn, Twitter, Zillow, etc., leaked the information online. The company stored the information, without users' consent, in an unlisted Amazon S3 storage bucket without a password, allowing anyone to download its contents.
Posted on: April 18, 2018
More from Cyware
Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.