Cyware Daily Threat Intelligence April 19, 2018

A cryptographic flaw in Zerocoin Protocol
Security researchers have spotted a cryptographic flaw in Zeroin protocol and two security flaws in libzerocoin. These flaws cause Zeroin to display a denial-of-spending issue which allows hackers to stop the transactions of the victims and generate a ‘spend’ operation. Thus, the attacker’s spend approved and the real transaction gets dismissed.

rTorrent flaw
Hackers have started a new rTorrent vulnerability attack campaign, targeting the RIAA and NYU user agents. Security researchers are still conducting investigations into the hack. However, it has been found that the sending server of the RIAA user agent is a proxy server based in the Netherlands.

Updates to fix flaws in WebEx
Cisco has released security patches to a serious vulnerability, CVE-2018-0112, in its WebEx software. This flaw allows attackers to remotely execute code on target machines via poisoned Flash files. The flaw is due to insufficient input validation by the Cisco WebEx clients. NHS website under attack
Hackers have managed to deface the NHS website, insights[dot]London[dot]nhs[dot]uk, and gave it a background, eerie music and a message in white text that read: Hacked by AnoaGhost. The site hosts data from sources such as patient surveys about primary care providers, including GP surgeries. The website has been restored.

Global Maritime industry under attack
A Nigerian group, called Gold Galleon, has been identified targeting the global maritime industry through email compromise scams for hundreds of thousands of dollars. The group is sending spear phishing with malicious attachments containing a remote access tool with keylogging and password stealing functionality in order to trick users.