Cyware Daily Threat Intelligence December 07, 2017

Top Malware Reported in the Last 24 Hours
HC7 GOTYA ransomware
A new file-encrypting trojan called HC7 has been found infecting victims by hacking into Windows systems that are publicly accessible via remote desktop services. Encrypted files are marked with the '.GOTYA' suffix and accompanied by a ransom note named RECOVERY.txt. Users are advised to stay alert when clicking on unsolicited emails.

Vortex and Bugware ransomware
Some time back, researchers found that the ransomware duo, Vortex and Bugware, targets .NET users. In support of this finding, they have released an analysis report on the two relatively new open-source ransomware programs. Both encryptors are compiled to Microsoft Intermediate Language (MSIL) and packed with the Confuser packer.

Top Vulnerabilities Reported in the Last 24 Hours
Mozilla Firefox security vulnerability
Security researchers discovered a critical vulnerability that could allow a remote attacker to take control of an affected system. A combination of an external SVG image referenced on a page and the coloring of anchor links stored within this image can be used to determine which pages a user has in their history.

Banking app security flaw
A security flaw that could have affected millions of customers of some of Britain’s biggest banks was detected by academics at the University of Birmingham. The vulnerability allowed an attacker to retrieve user credentials through a man-in-the-middle (MitM) attack. Users of banking apps should make sure that they are always running the most recent version.

Top Breaches Reported in the Last 24 Hours
Ethiopians targeted
Surveillance software from an Israeli defense contractor, Elbit Systems Ltd., is suspected of being used in an espionage campaign targeting Ethiopian dissidents living outside the East African nation. The government of Ethiopia is believed to have targeted Ethiopian journalists working in foreign countries in the past with a different brand of commercially available spyware.

Stanford’s Chief Digital Officer ousted
The chief digital officer at Stanford University’s Graduate School of Business was fired after failing to disclose a data breach that included confidential student financial aid records and sensitive information from 10,000 employees. The employee information included Social Security numbers, birth dates, and salaries.


