A new custom-built malware discovered by security researchers could denote the return of the notorious Chinese hacker group Iron Tiger. The campaign, dubbed Operation PZChao, is targeting institutions in the government, technology, education, and telecommunications sectors in Asia and the US.
A new strain of Gojdue ransomware, dubbed ShurL0ckr, has been detected. This ransomware is able to elude detection by a majority of anti-virus (AV) engines and cloud applications, including Google Drive and Microsoft Office 365. The ransomware demands its ransom in Bitcoin.
In the newly released update, version 3.8.4, Joomla patched a SQL injection vulnerability and three cross-site scripting (XSS) vulnerabilities, in addition to 100 bug fixes. The vulnerabilities allowed an attacker to leak password hashes or hijack a logged-in user's session.
Patch released for Hotspot Shield bug
A vulnerability tracked as CVE-2018-6460 is now patched. The bug, found in the Hotspot Shield VPN utility, can be exploited by attackers to obtain sensitive information, such as users' location and possibly their identity. Users are advised to update their Hotspot Shield.
Vulnerable gas station software
The SiteOmat Station Automation Software has been found to be vulnerable to a variety of attacks. Several flaws were found, including hardcoded credentials (CVE-2017-14728), persistent XSS (CVE-2017-14850), SQL injection (CVE-2017-14851), insecure communications (CVE-2017-14852), code injection (CVE-2017-14853), and remote code execution (CVE-2017-14854).
An unknown user published what is claimed to be the iBoot component of Apple's iOS on GitHub. The code is used for verifying iOS kernel signing, as well as performing other critical tasks related to loading the mobile operating system. Apple has not yet responded regarding the breach.
Breach at Swisscom
A data breach at Swiss telecom company Swisscom resulted in the leak of data belonging to 800,000 of its clients. The breach took place in autumn of 2017. Non-sensitive data such as customers' names, addresses, telephone numbers and dates of birth were leaked. Fortunately, passwords, conversations and payment data weren't compromised.
Posted on: February 08, 2018