Cyware Daily Threat Intelligence February 12, 2018

IBM releases patches
To mitigate the Meltdown and Spectre vulnerabilities, IBM has released security patches to its Power server line and Notes Smart Updater. The bugs affected IBM Notes 8.5.x and 9.0.x versions. IBM issued firmware patches for its POWER7 through to POWER9, IBM i operating system, and AIX OS.

Patch exploits on Netgear
Multiple vulnerabilities, including an authentication bypass flaw, have been found on Netgear routers, last year. Other routers—R6400, R7000, R8000, and R7300DST—were affected by a password recovery and file access issue. Starting August 2017, Netgear released patches for these flaws over a three-month period. Users are advised to apply these patches immediately. 4200 sites affected
Over 4,200 websites--including few belonging to the Australia, US and UK governments--have been infected with cryptojacking malware. A website plugin, called Browsealoud, that helps people with low vision, dyslexia and low literacy access the internet was found to be delivering this malware.

Winter Olympic Games website breached
Organizers of the 2018 Winter Olympic Games in Pyeongchang have witnessed several cyber attacks on the website and servers. As per reports, more than 300 computer systems were targeted and most of them have been infected with malware--aimed at stealing sensitive information.

Criminal trying to sell customer data
The Cyber police department of Ukraine caught a person trying to sell about 100 GB of customer data belonging to his former employee. As per the police, the suspect exploited a vulnerability in the database, while he is working at the company. Stolen data contains sensitive information.