Share Blog post
The Zyklon malware that was first spotted in 2016, has resurfaced exploiting vulnerabilities in MS Office—CVE-2017-8759, CVE-2017-11882 and a vulnerability in the Dynamic Data Exchange communication mechanism. The malware is used to launch DDoS attacks, or mine cryptocurrency, or steal sensitive information.
A new Trojan has been spotted in the Russian underground forums, with an ability to steal browser cookies, credentials, and even information stored in Windows Clipboards. Evrial is being advertised in the Russian criminal forum for as little as US $27.
A critical vulnerability was spotted in Blizzard games, which could allow attackers to install malware on gamers' computers. The vulnerability is a big concern to billions of people who play games like World of Warcraft, Overwatch, Diablo III and other online games created by Blizzard Entertainment.
Seagate GoFlex Products
Seagate patched Cross-site Scripting (XSS) vulnerabilities in its GoFlex products. The flaw occurred due to the inability of the web app to perform input validation for the arbitrary values passed to the specific HTTP parameters. This would allow hackers to execute XSS payloads to perform multiple variations of web attacks.
Posted on: January 23, 2018
More from Cyware
Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.