Cyware Daily Threat Intelligence December 06, 2017

Top Malware Reported in the Last 24 Hours
StorageCrypt ransomware
The ransomware, discovered a few weeks ago, is now targeting NAS devices such as the Western Digital My Cloud using the SambaCry vulnerability. All files on the NAS are encrypted and given the .locked extension. The ransom note contains the ransom amount of 0.4 to 2 BTC, the bitcoin address to send payment to, and an email address.

Fake 3MobileUpdater malware
A new strain of Android malware that poses as a fake 3MobileUpdater has been discovered recently. The malware looks like a legitimate app used to retrieve the mobile system update, but it hides powerful spyware that gathers user information from the smartphone.

Quant trojan
The Quant Trojan has recently received a significant update and is now targeting Bitcoin stashes and cryptocurrency wallets. Recently, researchers from Forcepoint Security Labs suggested this Trojan might be a distributor of the Locky Zepto ransomware and Pony malware families.

Top Vulnerabilities Reported in the Last 24 Hours
Symantec zero-day flaw unpatched
A zero-day vulnerability in Symantec endpoint clients has been left unpatched even though the bug was disclosed months ago. The security flaw affects a kernel driver in many of Symantec's endpoint solutions.

TeamViewer permission bug fixed
The desktop sharing program, TeamViewer, has issued a fix for a bug that allows users sharing a desktop session to gain control of the other's computer without permission. TeamViewer has issued a patch for Windows, and patches for the macOS and Linux versions are expected soon.

ParseDroid vulnerability
The Android vulnerability, codenamed ParseDroid, was discovered by security researchers in Israel. The flaw puts any developer at risk of an outsider gaining access to their systems. The vulnerability affects cross-platform users of Android Studio, IntelliJ, Eclipse and APKTool, along with the most common Android Integrated Development Environments (IDEs).

Top Breaches Reported in the Last 24 Hours
AI.type leaks data
The virtual smartphone keyboard, Ai.type, has leaked data belonging to 31 million users online after the developer failed to properly secure the app's database. The app's database server was left online without any form of authentication. This meant that anyone could access the company's treasure trove of personal information, which totals more than 577 gigabytes of data, without needing a password.

July Systems database exposed
In another incident, a massive trove of sensitive data was left freely exposed online by San Francisco-based July Systems. The company's cloud-based location intelligence and engagement platform, called "Proximity MX", which contains proprietary information belonging to the firm and its clients, was exposed via unsecured Amazon S3 databases.


