Cyware Daily Threat Intelligence February 26, 2018

Top Malware Reported in the Last 24 Hours
Data Keeper ransomware
A new ransomware, dubbed Data Keeper, has been discovered in the wild by security researchers. The ransomware is generated through a new Ransomware-as-a-Service (RaaS) offering and is coded in .NET. The authors of Data Keeper are encouraging users to generate ransomware samples and distribute them to victims, with the promise of receiving a share of the ransom fee.

Avzhan DDoS
The Avzhan DDoS bot, initially discovered in 2010, made a comeback via a Chinese drive-by attack. The most important capabilities of the bot are the different DDoS attacks that can be carried out remotely on any target. A few additions have been made to the malware to increase its obfuscation capabilities.

OopsIE Trojan
OilRig threat actors are running a campaign that involves sending spoofed emails containing a malicious Microsoft document, aka ThreeDollars, in order to spread the OopsIE Trojan. The threat group is adopting these new techniques to evade identification.

Top Vulnerabilities Reported in the Last 24 Hours
Flash vulnerability
A new malspam campaign has been discovered using malicious Word documents to exploit the latest Flash vulnerability (CVE-2018-4878). The critical vulnerability exists in Adobe Flash Player 28.0.0.137 and earlier versions. Adobe has already released a patch for the bug.

Critical vulnerabilities in Drupal
Multiple vulnerabilities discovered in Drupal 7 and 8 have been patched. One moderately critical flaw is an access bypass issue that can allow users to view or download files on the private file system. The second flaw in Drupal 7 is a jQuery cross-site scripting vulnerability which occurs when Ajax requests.


