Cyware Daily Threat Intelligence August 21, 2017

Top Vulnerabilities Reported in the Last 24 Hours
Patched Microsoft flaw abused
Hackers have been found to be exploiting the CVE-2017-0199 flaw to deliver malware through PowerPoint Slide Show. However, this security loophole was fixed back in April 2017 for MS-Office. The attacks are specifically targeting electronic manufacturers. Users are advised to patch the software immediately.

Visual Studio flaw deletes files
A software developer recently claimed that his three months of code was deleted from a vulnerability present in Visual Studio. The main reason for the wipe is "control gaps", in addition to the absence of the Git repository. Control gaps should be clearly documented to draw attention. To prevent such a predicament, it is recommended to backup your codes regularly.

WSearch vulnerability courts attacks
A remote code execution flaw has been surfaced in the Window Search feature. The vulnerability is found when Windows search handles objects in memory. An unauthorized hacker can remotely trigger the flaw through an SMB connection and take control of the target computer. To mitigate the security loophole, users are advised to disable WSearch temporarily.

Top Breaches Reported in the Last 24 Hours
HBO leaks continue
The hacker group going by the name “Mr. Smith Group” has continued its stream of HBO data leaks. After the much-hyped leak of Game of Thrones episode 6, it has now revealed HBO’s social media passwords. Also, the group has threatened to release the Game of Thrones finale if their demanded ransom isn’t paid.

Angry gamer behind Dyn assault
The cyberattack that earlier rocked the USA’s internet is now being associated to an angry gamer, which was caused by Mirai botnet. The attack on Dyn, a company that controls most of the DNS infrastructure, in turn, had an immense effect on PlayStation network.

Ex BofA employee accused of insider trading
Daniel Rivas is said to have accessed M&A information and sent it to his friends on more than 50 occasions. Who in turn used the information to buy and sell securities according to the investigation report. To evade detection, the team used code words and encrypted messages to communicate and pass the information amongst themselves.



Tags


    • Share this blog:
    To enhance your experience on our website, we use cookies to help us understand how you interact with our website. By continuing navigating through Cyware’s website and its products, you are accepting the placement and use of cookies. You can also choose to disable your web browser’s ability to accept cookies and how they are set. For more information, please see our Privacy Policy.