Cyware Daily Threat Intelligence July 18, 2018

Top Malware Reported in the Last 24 Hours
King Ouroboros ransomware
The King Ouroboros ransomware hails from the CryptoWire family. The ransomware authors have taken to Twitter to vent their frustration over being called scammers. The ransomware, like others of its kind, demands a ransom, providing contact and payment instruction details. Fortunately, the ransomware can be removed using legitimate anti-malware tools.

Luminosity RAT
The creator of the Luminosity RAT was recently arrested and has pled guilty. Luminosity RAT allowed attackers to secretly infect a targeted device by disabling its anti-virus or anti-malware program and then spy on the victim by monitoring their online activities. The malware infected victims across 78 countries and was sold to over 8,500 people. Luminosity was also used by Nigerian hackers in a phishing campaign which targeted industrial companies.

GoldenCup malware
GoldenCup is a malicious app that drops spyware specifically targeting soccer fans. The malware is distributed via the Google Play store and is capable of stealing SMS messages, contacts, photos, videos and location data.

Top Vulnerabilities Reported in the Last 24 Hours
Access control policy bypass flaw
A vulnerability has been discovered in the detection engine of Cisco FireSIGHT System Software. The bug allows remote attackers to bypass a URL-based access control policy designed to block traffic for an affected system. Patches are available for this issue. Users are advised to upgrade to the latest version. 

Memory corruption bug
Microsoft's scripting engine contains a vulnerability that could allow attackers to conduct remote memory-corruption attacks. A successful exploit could allow an attacker to install programs; view, change, or delete data; or create new accounts with full user rights. Users can stay safe from attacks by updating to the latest patched version of the software.

Privilege escalation vulnerability
A vulnerability has been detected in the Microsoft Windows File Picker. The flaw can allow hackers to conduct a privilege escalation attack. The bug can also allow attackers to bypass current sandbox techniques. Patches are available for this issue. It is highly recommended that users upgrade to the latest version.

Top Breaches Reported in the Last 24 Hours
CarePartners data breach
Canadian home care service provider CarePartners was hit by a data breach which saw hackers gain access to patient and employee data. The compromised data includes thousands of patient medical records such as phone numbers, addresses, dates of birth, health card numbers, and detailed medical histories. 

LabCorp Diagnostics breach
North Carolina-based LabCorp Diagnostics was hit by hackers. The attack forced the firm to shut down its networks. The attack temporarily impacted test processing and customer access to test results. LabCorp is working to restore full system functionality as fast as possible. Experts believe this could be a dangerous hack as hundreds of networked labs in the US are interconnected centrally with LabCorp headquarters.




