Cyware Daily Threat Intelligence April 20, 2018

Top Malware Reported in the Last 24 Hours
Facebook malware
Security researchers have discovered a sophisticated malware campaign targeting Facebook users, delivered as a painting application called ‘Relieve Stress Paint.’ The app has managed to infect tens of thousands of Facebook accounts by installing the Stresspaint malware on their systems. The app primarily uses phishing emails and Facebook messages to spread itself.

RansSIRIA ransomware
Unknown hackers are targeting mainly Brazilian victims with a new ransomware called RansSIRIA. The ransomware encrypts user files and asks for a small contribution to empathize with those suffering in Syria. The note also specifies that those circulating the ransomware are not interested in stealing data.

New spam campaign delivers Adwind RAT
A new spam campaign has been detected trying to deliver the cross-platform RAT Adwind alongside the XTRAT backdoor. It also delivers, separately, the Loki info-stealer and DUNIHI, a VBScript with backdoor and worm capabilities.

Top Vulnerabilities Reported in the Last 24 Hours
Flaw discovered in Windows 10 S
Security researchers at Google have discovered and publicly disclosed a security flaw in Windows 10 S. Even though the fix was supposed to be released by April, Microsoft postponed it until May. Exploiting the bug will allow hackers to run arbitrary code.

Java SE vulnerability
A security vulnerability has been discovered in the Java SE and Java SE Embedded components of Oracle Java SE. The flaw affects supported versions Java SE 6u181, 7u171, 8u162 and 10, and Java SE Embedded 8u161. By exploiting this bug, hackers can gain network access via multiple protocols to compromise Java SE and Java SE Embedded.

Oracle releases security patches
Oracle has released security patches addressing 254 vulnerabilities across dozens of products in its April security update. The fixed flaws include Spectre-related vulnerabilities in Solaris systems, specifically CVE-2017-5753, known as Spectre variant 1. Admins are advised to check their products for the patches.

Top Breaches Reported in the Last 24 Hours
SunTrust ex-employee tried to steal data
SunTrust Banks revealed that a former employee might have tried to download and steal the data of nearly 1.5 million clients. It is speculated that the employee tried to share the data with a malicious third party. No significant fraudulent activities have been identified yet.

Cyber attacks on the education system
Several education departments, including the Mississippi Department of Education and the New York State Education Department, announced technical problems with online tests administered by Questar. The attacks are preventing students from taking standardized tests.
