Cyware Daily Threat Intelligence January 23, 2018

Share Blog post

Top Malware Reported in the Last 24 Hours
Zyklon
The Zyklon malware that was first spotted in 2016, has resurfaced exploiting vulnerabilities in MS Office—CVE-2017-8759, CVE-2017-11882 and a vulnerability in the Dynamic Data Exchange communication mechanism. The malware is used to launch DDoS attacks, or mine cryptocurrency, or steal sensitive information.

Eviral
A new Trojan has been spotted in the Russian underground forums, with an ability to steal browser cookies, credentials, and even information stored in Windows Clipboards. Evrial is being advertised in the Russian criminal forum for as little as US $27.

Top Vulnerabilities Reported in the Last 24 Hours
Blizzard Games
A critical vulnerability was spotted in Blizzard games, which could allow attackers to install malware on gamers' computers. The vulnerability is a big concern to billions of people who play games like World of Warcraft, Overwatch, Diablo III and other online games created by Blizzard Entertainment.

Seagate GoFlex Products
Seagate patched Cross-site Scripting (XSS) vulnerabilities in its GoFlex products. The flaw occurred due to the inability of the web app to perform input validation for the arbitrary values passed to the specific HTTP parameters. This would allow hackers to execute XSS payloads to perform multiple variations of web attacks.


 Tags

Posted on: January 23, 2018

Get the Daily Threat Briefing delivered to your email!



More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.



Join Thousands of Other Cyware Followers!