Share Blog post
A malware that targets Mac OS X users, named MaMi, has been found. It is a rehash of an old Windows DNS hijacker. MaMi is capable of DNS hijacking, capturing screenshots, simulate mouse events, upload/download files, and execute arbitrary code.
A new strain of cryptocurrency miner, dubbed RubyMiner, was discovered by security researchers. The malware was found to be affecting outdated web servers. Attackers spread this malware by hiding it in robots.txt files. Here, hackers clear all the cron jobs and add malicious cron job which downloads a script, that installs modified version of the legitimate XMRig Monero miner application.
Google's Project Zero researchers found a critical flaw in Transmission BitTorrent app that allows websites to execute malicious code on some users' computers. By exploiting this vulnerability, attackers can command Transmission to download a Torrent called ".bashrc" which would automatically be executed the next time the user opened a bash shell.
Several vulnerabilities in Phoenix Contact
A series of security flaws have been found in Phoenix Contact’s FL Switch industrial Ethernet switches. These are authentication bypass and information exposure flaws. One of these flaws (CVE-2017-16743) has been assigned a CVSS score of 9.8, adding it in the “critical severity” category.
SCADA App Vulnerabilities
It has been found that mobile apps used by SCADA Industrial Control Systems, have 147 security vulnerabilities. The test has been done on 34 ICS apps from Google Play. Of these mobile apps, 32 of them lacked root or code protection, 20 had poor authorization, 20 implemented insecure data storage, and 18 lacked obfuscation.
Posted on: January 16, 2018
Get the Daily Threat Briefing delivered to your email!
More from Cyware
Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.