Cyware Daily Threat Intelligence January 23, 2018

Top Malware Reported in the Last 24 Hours
Zyklon
The Zyklon malware that was first spotted in 2016, has resurfaced exploiting vulnerabilities in MS Office—CVE-2017-8759, CVE-2017-11882 and a vulnerability in the Dynamic Data Exchange communication mechanism. The malware is used to launch DDoS attacks, or mine cryptocurrency, or steal sensitive information.

Eviral
A new Trojan has been spotted in the Russian underground forums, with an ability to steal browser cookies, credentials, and even information stored in Windows Clipboards. Evrial is being advertised in the Russian criminal forum for as little as US $27.

Top Vulnerabilities Reported in the Last 24 Hours
Blizzard Games
A critical vulnerability was spotted in Blizzard games, which could allow attackers to install malware on gamers' computers. The vulnerability is a big concern to billions of people who play games like World of Warcraft, Overwatch, Diablo III and other online games created by Blizzard Entertainment.

Seagate GoFlex Products
Seagate patched Cross-site Scripting (XSS) vulnerabilities in its GoFlex products. The flaw occurred due to the inability of the web app to perform input validation for the arbitrary values passed to the specific HTTP parameters. This would allow hackers to execute XSS payloads to perform multiple variations of web attacks.



Tags


    • Share this blog:
    To enhance your experience on our website, we use cookies to help us understand how you interact with our website. By continuing navigating through Cyware’s website and its products, you are accepting the placement and use of cookies. You can also choose to disable your web browser’s ability to accept cookies and how they are set. For more information, please see our Privacy Policy.