Cyware Daily Threat Intelligence August 16, 2017

Share Blog post

Top Vulnerabilities Reported in the Last 24 Hours
Updates for Microsoft combo exploit
Microsoft has released new updates for a combo exploit campaign. The malicious campaign exploited the vulnerabilities of CVE-2017-0199 and CVE-2012-0158. The hackers apparently used the combo to drop the Lokibot banking Trojan.

Hackers encrypt phishing page with AES
Cybercriminals are sending malicious files camouflaged as an Apple invoice. The attackers have launched a phishing page encrypted with AES and the malicious files sent to the victims lead them to it. The encrypted page asks for users’ Apple credentials, once the victims enter them their personal and financial data would be compromised.

Patch released for Windows WSearch Service Vulnerability
Microsoft’s Windows operating system has been plagued with a search vulnerability. This flaw leverages the SMB vulnerability jeopardizing several machines hosting Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2 and more. Users should disable WSearch temporarily to mitigate the risk.


 Tags

Posted on: August 16, 2017

Get the Daily Threat Briefing delivered to your email!



More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.



Join Thousands of Other Cyware Followers!