Share Blog post
A new Monero mining botnet, dubbed DDG Botnet, has been targeting Redis and OrientDB servers via a brute-force attack on credentials dictionary. Until now, the miner has affected nearly 4,400 servers and has mined over $925,000 worth of Monero.
The Hancitor Trojan, also known as Chanitor, has been spotted evading antivirus detection. According to an AV company, only 3 antivirus engines out of 59 managed to detect the latest spam campaign. The malware was first spotted in 2014 and typically uses standard spam email as its attack vector.
Security researchers have discovered a critical flaw in the web server component of 3S-Smart Software Solutions’ CODESYS WebVisu product. Exploiting this flaw will allow hackers to execute arbitrary code remotely on IC products, affecting hundreds of ICS products.
New Adobe Flash zero-Day vulnerability
South Korea’s Internet & Security Agency (KISA) discovered a new zero-day vulnerability in the Flash player. The vulnerability is known to affect Flash Player 188.8.131.52 and all versions before that. Users are advised to uninstall Flash Player 184.108.40.206 until a new patch is released.
Siemens patches flaws
Three flaws discovered in Siemens TeleControl Basic product have been patched. Users are recommended to update their systems to new versions.
Cyber criminals hijacked BeeToken’s ICO, BeeNest, and stole the email and Telegram details of BeeToken’s customers. Using these details, scammers tricked customers into sending their funds to a different wallet instead of the official BeeToken wallet. It has been estimated that scammers have made as much as US$1 million using this scam.
Bangor Hospital loses patient data
East Maine Medical Center of Bangor revealed that an employee misplaced a hard drive containing medical information of the center’s 660 patients. The hard drive contained names, dates of birth, medical record numbers, one-word condition descriptors, and images.
Posted on: February 02, 2018
Get the Daily Threat Briefing delivered to your email!
More from Cyware
Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.
Explore Industry Briefs
Cyware for Enterprise
Adopt next-gen security with threat intelligence analysis, security automation...
Cyware for ISACs/ISAOs
Anticipate, prevent, and respond to threats through bi-directional threat in...