Share Blog post
A new harmful file-encryption trojan called HC7 is found infecting victims by hacking into Windows systems that are publicly accessible via remote desktop services. The encrypted files are marked with the '.GOTYA' suffix along with a ransom note named RECOVERY.txt. Users are advised to stay alert when clicking on unsolicited emails.
Vortex and Bugware ransomware
Some time back, researchers found that the ransomware duo — Vortex and Bugware — target .NET users. In support of it, they have released an analysis report on two relatively new open-source ransomware programs. Both the encryptors are compiled in Microsoft Intermediate Language (MSIL) and packed with the Confuser packer.
Security researchers discovered a critical vulnerability which could allow a remote attacker to take control of an affected system. A combination of, an external SVG image referenced on a page and the coloring of anchor links stored within this image, can be used to determine which pages a user has in their history.
Banking app security flaw
A security flaw that could have affected millions of customers of some of the Britain’s biggest banks was detected by University of Birmingham academicians. The vulnerability allowed an attacker to retrieve user credentials through a man in the middle (MitM) attack. Users using banking apps should make sure that they are always using the most recent version.
The surveillance software from an Israeli defense contractor — Elbit Systems Ltd. — is suspected of using a espionage campaign targeting Ethiopian dissidents living outside the East African nation. The government of Ethiopia is believed to have targeted Ethiopian journalists working in foreign countries in the past with a different brand of commercially available spyware.
Stanford’s Chief Digital Officer ousted
The chief digital officer at Stanford University’s Graduate School of Business is fired after failing to disclose a data breach that included confidential student financial aid records and sensitive information from 10,000 employees. The employee information included Social Security numbers, birth dates, and salaries.
Posted on: December 07, 2017
Get the Daily Threat Briefing delivered to your email!
More from Cyware
Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.