Share Blog post
GnatSpy, a new mobile malware family, has been identified with several improvements from the earlier versions which makes this malware more modular and advanced. It now comes with new features like more receivers and services making it more capable. The new code uses Java annotations and reflection methods more often, which helps it to avoid detection and get installed in the system.
Emotet is a banking Trojan that can steal data by eavesdropping on network traffic. It is also able to download and run additional malware on the affected system. It is commonly spread by email, both using infected attachments as well as by embedded URLs in the email that download this Trojan.
Cybercriminals are using social engineering skills to install cryptocurrency miners on users’ computers. They dupe innocent users to download various types of free software which on installation, carries out the mining work without the users’ consent.
In an incident where hundreds of Lexmark printers were misconfigured, hackers could easily access the printers and control it to fulfill their malicious ambitions. The devices were open to the public internet and easily accessible to anyone because it lacked an administrative password.
Multiple security vulnerabilities were recently addressed by VMware for ESXi, vCSA, Workstation and Fusion products. These flaws can be exploited by the attackers for an arbitrary code execution.
Recently, vBulletin patched two earlier disclosed vulnerabilities that could be exploited by a remote attacker to execute arbitrary code and delete files from the server. Flaws fixed include patches for file inclusion and file deletion issue.
Recently, it has been reported that a new cyberattack campaign targeting organizations in the Middle East is unleashed. Earlier in the month, hackers likely working for a nation-state breached safety system at a critical infrastructure facility, in a watershed attack that halted plant operations in the Middle East.
EtherDelta website hacked
Users have been warned by the decentralized cryptocurrency exchange — EtherDelta — to not open the site as hackers could steal their funds. The warning came as malicious attackers gained temporarily access to @etherdelta DNS server.
WordPress site under brute force attacks
A massive brute-force campaign has targeted WordPress sites. During the attack, hackers attempted to guess admin account logins to install a Monero miner on compromised sites. Brute-force requests originated from over 10,000 unique IP addresses and targeted around 190,000 WordPress sites per hour.
Posted on: December 21, 2017
Get the Daily Threat Briefing delivered to your email!
More from Cyware
Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.
Explore Industry Briefs
Cyware for Enterprise
Adopt next-gen security with threat intelligence analysis, security automation...
Cyware for ISACs/ISAOs
Anticipate, prevent, and respond to threats through bi-directional threat in...