Cyware Daily Threat Intelligence December 20, 2017

Top Malware Reported in the Last 24 Hours
Trio malware
A Chinese threat actor has recently been found targeting MSSQL and MySQL databases on Windows and Linux using Trio malware. The attackers first scan for vulnerable database servers with weak login credentials. Once they get hold of a weak server, they break into it by injecting malicious code.

Emotet info-stealer malware
In another discovery, a new 'polymorphic' variant of the Emotet info stealer has been found that can evade detection by more than 75% of the anti-virus products available on the market. Its main targets are people who are carefree and enjoying the festive season. The Emotet info-stealer malware spreads through a Microsoft Word document that contains a malicious macro program.

Triton malware
A recent attack caused operational disruption of critical infrastructure at an unnamed industrial plant in the Middle East. The hackers introduced a malware program known as Triton into the security system.

Top Vulnerabilities Reported in the Last 24 Hours
GoAhead flaws
A security flaw, designated CVE-2017-17562, has been found in the GoAhead web server software, which is embedded in Internet of Things devices. Exploiting this flaw allows attackers to hijack gadgets, take control of the hardware and spy on users. Linux-powered, internet-reachable routers and home security webcams are the devices mostly affected by the flaw.

Windows 10 Hello vulnerability
The German pen-testing company SySS GmbH announced a vulnerability plaguing the Windows 10 Hello facial recognition feature. Attackers can exploit the flaw using a low-resolution photo of the device’s owner to bypass the facial recognition system.

Cambium network flaws
Multiple vulnerabilities were discovered in Cambium Networks’ ePMP and cnPilot product lines. These flaws could be exploited to remotely control the devices and the networks they serve. The affected devices are used all over the world in schools, hotels, municipalities and industrial sites.


