Cyware Daily Threat Intelligence July 03, 2018

Top Malware Reported in the Last 24 Hours
SmokeLoader malware
A new version of the SmokeLoader malware has been discovered by security researchers from Cisco Talos. This new version has been seen using the PROPagate injection technique for the first time. The campaign spreads through malicious email attachments: a Word document with an embedded macro.

Malware in Fortnite cheating app
A new malware that has been used to launch Man-in-the-Middle (MitM) attacks has been discovered in Fortnite cheating apps. These apps provide the software that allows players to cheat at the game. The app, now removed, had over 78,000 downloads and it may be hosted in multiple locations.

Nozelesn ransomware
Ransomware that encrypts a user's files and appends the .nozelesn extension has been discovered targeting Poland. After infecting a system, it creates a ransom note that contains instructions on how to log in to a TOR payment server at lyasuvlsarvrlyxz[.]onion to receive instructions.

Top Vulnerabilities Reported in the Last 24 Hours
Facebook bug
A vulnerability has been detected in Facebook that affected more than 800,000 users. The bug allowed blocked users to check published posts and also send messages through Messenger. The bug was reportedly active between May 29 and June 5. Facebook fixed the issue.

Authentication bypass bug in Dell
A new flaw, tracked as CVE-2018-11052, has been discovered affecting Dell EMC ECS versions 3.2.0.0 and 3.2.0.1. This authentication bypass flaw can potentially be exploited by malicious users to compromise the affected ECS system. Customers are advised to apply the patch by opening a Dell EMC ECS service request.

DeepLink Element in Windows 10
Researchers have discovered an infection vector that allows attackers to embed a specially-crafted settings file into an Office document. Attackers can thus trick a user into running malicious code without any further warning or notification. This allows shell command execution via a file open step.




