Cyware Daily Threat Intelligence December 15, 2017

Top Malware Reported in the Last 24 Hours
Emotet repackaged
Security researchers analyzing the Emotet banking Trojan have found that it is being repackaged rapidly. Security experts investigated the polymorphic dropped executables and found that they appear to be different software in many respects. This allows them to avoid signature-based antivirus and package detection.

Prilex ATM malware
This malware is almost exclusive to Brazil. Prilex ATM malware interacts with libraries from specific vendors, indicating particular knowledge of the ATM and its related network. It works by hooking certain dynamic-link libraries (DLLs), replacing them with its own application screens on top of others.

Top Vulnerabilities Reported in the Last 24 Hours
Microsoft RCE flaws
In another discovery, hackers are using exploit kits to scan for vulnerabilities in the targeted system and install malware by injecting malicious code into documents. Users are lured into opening the documents and enabling macros in the MS Office package.

Microsoft Azure flaw
A flaw in Microsoft Azure Active Directory Connect could create stealthy admins in the user group by default. Enterprises with Office 365 deployments and on-premises Active Directory that use Azure AD Connect to sync between on-premises and cloud have been exposed to this privilege escalation vulnerability.


