Cyware Daily Threat Intelligence February 05, 2018


Top Malware Reported in the Last 24 Hours
ADB.miner
Hackers have developed a new worm that targets the ADB debug interface on Android systems. The botnet, called ADB.miner, targets port 5555. The miner only targets devices running the Android OS, such as smartphones, TVs, and TV set-top boxes. 7,400 devices have already been infected by this botnet.

Macro-less malware attacks
Hackers are using a new attack technique that leverages Dynamic Data Exchange (DDE), a built-in feature of MS Office, to perform code execution. Victims don't see a prompt to enable macros, which lets attackers side-step that obstacle and infect a system.

Top Vulnerabilities Reported in the Last 24 Hours
NSA exploits rewritten
Along with NSA exploits such as EternalBlue, EternalSynergy, EternalRomance, and EternalChampion, the three exploits linked to the CVE-2017-0143 and CVE-2017-0146 Microsoft vulnerabilities have been rewritten and stabilized to impact Windows operating systems. Two publicly known Metasploit modules are already available to work with these vulnerabilities.

Unpatched DoS flaw
A critical DoS vulnerability, tracked as CVE-2018-6389, has been discovered in the WordPress platform. This flaw could allow hackers to take down the WordPress CMS platform with a single machine. The vulnerability is currently unpatched.


Posted on: February 05, 2018
