Cyware Daily Threat Intelligence December 4, 2018

Top Malware Reported in the Last 24 Hours

NotPetya-like worm 
NCC, an infosec firm, has unleashed a NotPetya-style worm to study the characteristics of the malware and understand how to harden the security against the destructive malware outbreaks. The worm is dubbed as Eternalglue worm and differs from the actual NotPetya worm. The new malware is less lethal and does not touch a defined network ranges or hosts. The worm was launched for test on one of the NCC's customer networks and it could stopped by changing the settings of Windows Active Directory. 

WakeNet AB caught spreading PuPs
WakeNet AB, a Swedish pay-per-install software developer has been discovered to generate a large amount of revenue by spreading potentially unwanted programs (PuPs) to users. In order to lure the users, WakeNet AB has set up PPI sites which are filled with malicious files and adware. PPI is a type of software program that presents users with third-party offers while they are in the middle of another download. 

Top Vulnerabilities Reported in the Last 24 Hours

Kubernetes flaw
A major security hole has been discovered in a popular cloud container orchestration system, Kubernetes. The flaw is tracked as CVE-2018-1002105 and is a privilege escalation vulnerability. It exists in OpenShift Container Platform 3.x and can allow an attacker to establish a connection to a backend server through Kubernetes API server. 

PNOZmulti Configurator flaw 
A vulnerability in Pilz PNOZmulti Configurator software could allow remote attackers to read sensitive data in clear-text. The software is widely used in industries such as Oil and Gas, Manufacturing, Chemicals and Power plant. By exploiting the flaw in the software, adversaries could access the system passwords and later use them to alter configuration files.

Webafrica ticket support system flaw
Webafrica has reported a flaw in its online ticket monitoring system. The flaw can allow customers to access conversations between other Webafrica users and the company's support staff. The company has fixed the issue soon after the discovery of the flaw. In addition, it has also reported that at any given point of time, no confidential details of customers were compromised or exploited by attackers.

Top Breaches Reported in the Last 24 Hours

Quora suffers a breach
Quora, a well-known social platform has suffered a data breach that resulted in the compromise of account information and private messages of about 100 million users. The breach occurred after hackers gained unauthorized access to a Quora's system. The compromised information includes names, email addresses, IP, encrypted passwords and IDs of users.

Ames'parking ticket system breached 
The city of Ames has reported a parking ticket breach that may have exposed sensitive information of 4,600 residents. The breach occurred between August 10 and November 19, 2018. The information exposed in the breach includes payment card information, names, addresses and email addresses.

Equity Concepts data breach
Equity Concepts has been hit by a data breach that may have resulted in the compromise of its employees' email accounts. The affected email accounts contained client information including employees'names, financial account numbers, and Social Security numbers. The breach occurred after an unauthorized person gained access to certain email accounts.






  • Share this blog:
To enhance your experience on our website, we use cookies to help us understand how you interact with our website. By continuing navigating through Cyware’s website and its products, you are accepting the placement and use of cookies. You can also choose to disable your web browser’s ability to accept cookies and how they are set. For more information, please see our Privacy Policy.