Cyware Daily Threat Intelligence February 28, 2018

Top Malware Reported in the Last 24 Hours
Thanatos ransomware
A new ransomware, dubbed Thanatos, has been discovered in the wild. Thanatos generates a new encryption key for every file it encrypts, then appends the .THANATOS extension to the encrypted file's name. After completing the encryption, the malware connects to a specific URL to report back, allowing the attackers to keep track of the number of infected victims.

Mobef ransomware
Mobef ransomware has been detected affecting Italian users. It encrypts user files without changing the file extension and drops a file containing instructions on how to pay the ransom.

New Android malware
Security researchers have discovered a new Android malware, called RedDrop, that steals a range of data from infected devices. The malware hoovers up live recordings of its surroundings, files, photos, contacts, notes, device data and information about saved Wi-Fi networks and nearby hotspots. However, a give-away is that the malware sends out silent text messages to premium numbers in order to make money.

Top Vulnerabilities Reported in the Last 24 Hours
Adobe releases patches
Adobe has patched a new arbitrary code execution flaw discovered in Adobe Acrobat Reader DC. The flaw stems from Reader DC's support for JavaScript embedded in PDF files. This lets attackers control the memory layout, which gives them an opening to attack.

Empty password flaw
A bug, CVE-2018-0121, has been discovered in Cisco's Elastic Services Controller (ESC). Unauthenticated, remote attackers can exploit the bug by sending in an empty password and gaining admin access to an affected system. They can then execute arbitrary actions with administrator privileges.


Posted on: February 28, 2018
