Cyware Daily Threat Intelligence August 10, 2018

Top Malware Reported in the Last 24 Hours
North Korea malware
Security researchers have discovered that several North Korean APT groups have been reusing the same decade-old malicious code in multiple campaigns across the globe. The malicious code has allowed researchers to trace the activities of North Korean hackers. 

Tibet malware campaign
A recently discovered malware campaign is targeting Tibetan diplomats, journalists, activists and NGOs. Security experts have discovered that the campaign is linked to a much larger and older operation called Tropic Trooper. This campaign has been active since at least 2012 and has attacked governments and private sector entities in Taiwan and the Philippines.

Iran ransomware attack
A series of ransomware attacks targeting both the private and public sectors has been discovered. The attacks are the work of Iranian hackers, who are demanding ransom in the form of bitcoins. Experts suspect that the ransomware attacks, which shut down payment systems at San Francisco Municipal Transportation Agency and UK hospitals, were sparked by the re-imposition of sanctions on Iran.

Top Vulnerabilities Reported in the Last 24 Hours
Samsung meltdown attack
Samsung’s Galaxy S7 smartphones contain a microchip security flaw, uncovered earlier this year, which could allow attackers to spy on tens of millions of devices. Hackers can exploit the vulnerability by either bypassing hardware barriers or tricking applications into divulging passwords or banking details. Researchers have figured out a way to exploit the Meltdown vulnerability to attack Galaxy S7 handsets. However, Samsung has patched the issue.

Comcast vulnerabilities
Two previously unreported flaws in Comcast's Xfinity online portal were patched. The first flaw is related to an “in-home authentication page” where a user is able to pay their bills without signing in. The flaws exposed partial home addresses and social security numbers of 26 million users. Comcast has disabled in-home authentication and requires customers to manually input personal information to verify their account when paying a bill. The issues were blocked within hours of discovery, eliminating the possibility of exploitation.




