A new ransomware, dubbed Data Keeper, has been discovered in the wild by security researchers. The ransomware is generated by a new Ransomware-as-a-Service (RaaS) offering and is coded in .NET. The authors of Data Keeper are encouraging users to generate ransomware samples and distribute them to victims, with the promise of receiving a share of the ransom fee.
The Avzhan DDoS bot, initially discovered in 2010, made a comeback via a Chinese drive-by attack. The most important capabilities of the bot are the different DDoS attacks that can be carried out remotely on any target. Few additions have been made to the malware to increase obfuscation capabilities.
OilRig threat actors are running a campaign that involves sending spoofed emails containing a malicious Microsoft document, aka ThreeDollars, in order to spread the OopsIE Trojan. The threat group is adopting these new techniques to evade identification.
A new malspam campaign has been discovered using malicious Word documents to exploit the latest Flash vulnerability (CVE-2018-4878). The critical vulnerability exists in Adobe Flash Player 126.96.36.199 and earlier versions. Adobe has already released a patch for the bug.
Critical vulnerabilities in Drupal
Multiple vulnerabilities discovered in Drupal 7 and 8 have been patched. One moderately critical flaw is an access bypass issue that can allow users to view or download files on the private file system. The second flaw in Drupal 7 is a jQuery cross-site scripting vulnerability which occurs when Ajax requests.
Posted on: February 26, 2018