Cyware Daily Threat Intelligence February 05, 2018

Top Malware Reported in the Last 24 Hours
ADB.miner
Hackers have developed a new worm that targets the Android system's ADB debug interface. The botnet, called ADB.miner, targets port 5555. The miner only targets devices running the Android OS, such as smartphones, TVs, and TV set-top boxes. 7,400 devices have already been infected by this botnet.

Macro-less malware attacks
Hackers are using a new attack technique that leverages Dynamic Data Exchange (DDE), a built-in feature of MS Office, to perform code execution. Victims don't see a prompt to enable macros, which lets attackers side-step an obstacle and infect a system.

Top Vulnerabilities Reported in the Last 24 Hours
NSA exploits rewritten
Along with NSA exploits such as EternalBlue, EternalSynergy, EternalRomance, and EternalChampion, the three exploits linked to the CVE-2017-0143 and CVE-2017-0146 Microsoft vulnerabilities have been rewritten and stabilized to impact Windows operating systems. Two publicly known Metasploit modules are already available to work with these vulnerabilities.

Unpatched DoS flaw
A critical DoS vulnerability, tracked as CVE-2018-6389, has been discovered in the WordPress platform. This flaw could allow hackers to take down the WordPress CMS platform with a single machine. The vulnerability is currently unpatched.


