Cyware Daily Threat Intelligence February 02, 2018

Top Malware Reported in the Last 24 Hours
DDG Botnet
A new Monero mining botnet, dubbed DDG Botnet, has been targeting Redis and OrientDB servers via a brute-force attack using a credentials dictionary. So far, the miner has affected nearly 4,400 servers and has mined over $925,000 worth of Monero.

Hancitor Trojan
The Hancitor Trojan, also known as Chanitor, has been spotted evading antivirus detection. According to an AV company, only 3 antivirus engines out of 59 managed to detect the latest spam campaign. The malware was first spotted in 2014 and typically uses standard spam email as its attack vector.

Top Vulnerabilities Reported in the Last 24 Hours
Flaw in CODESYS
Security researchers have discovered a critical flaw in the web server component of 3S-Smart Software Solutions’ CODESYS WebVisu product. Exploiting this flaw allows hackers to execute arbitrary code remotely, and hundreds of ICS products are affected.

New Adobe Flash zero-day vulnerability
South Korea’s Internet & Security Agency (KISA) discovered a new zero-day vulnerability in Flash Player. The vulnerability is known to affect Flash Player 28.0.0.137 and all versions before that. Users are advised to uninstall Flash Player 28.0.0.137 until a new patch is released.

Siemens patches flaws
Three flaws discovered in the Siemens TeleControl Basic product have been patched. Users are advised to update their systems to the new versions.

Top Breaches Reported in the Last 24 Hours
BeeToken phishing scam
Cyber criminals hijacked BeeToken’s ICO, BeeNest, and stole the email and Telegram details of BeeToken’s customers. Using these details, scammers tricked customers into sending their funds to a different wallet instead of the official BeeToken wallet. It has been estimated that scammers have made as much as US$1 million using this scam.

Bangor Hospital loses patient data
East Maine Medical Center of Bangor revealed that an employee misplaced a hard drive containing medical information of the center’s 660 patients. The hard drive contained names, dates of birth, medical record numbers, one-word condition descriptors, and images.


