Cyware Daily Threat Intelligence June 08, 2018

Threat Intelligence

Share Blog Post

Top Malware Reported in the Last 24 Hours

BabaYaga malware
A malware strain has been discovered targeting WordPress sites with self-preservation technique. Dubbed BabaYaga, this malware can also infect Joomla and Drupal sites, or even generic PHP sites. The malware injects sites with special keyboards to redirect users to affiliate marketing links.

RedEye ransomware
A new ransomware, dubbed RedEye, has been discovered. Unlike other ransomware which encrypt victims' files and holds them for ransom, RedEye was found deleting files. After infecting a system, the ransomware displays a note informing victims that their files have been encrypted using AES256. Victims are asked to access a .onion website and pay 0.1 Bitcoins to a specified address.

Invisimole cyber espionage malware
A powerful and highly-targeted malware, named Invisimole, has been discovered. The malware has the capabilities of creating a backdoor and enabling hackers to have a total view of the computer's activities. It was first picked up in May in computers based in Russia and Ukraine.

Top Vulnerabilities Reported in the Last 24 Hours

Adobe fixes the zero-day flaw
Security updates have been released by Adobe to fix a zero-day vulnerability (CVE-2018-5002) in Flash Player for Windows, macOS, Linux and Chrome OS. The flaw affects Adobe Flash Player 29.0.0.171 and earlier versions. Users are advised to update their Flash versions to 30.0.0.113.

Mozilla addresses multiple flaws
Multiple vulnerabilities in Firefox and Firefox ESR have been patched by Mozilla. A remote attacker could exploit these vulnerabilities to take control of an affected system. Users are advised to update to versions Firefox 60.0.2, Firefox ESR 52.8.1, or Firefox ESR 60.0.2.

Red Hat fixes issues
An update for java-1.7.1-ibm has been released by Red Hat for Red Hat Satellite 5.6 and Red Hat Satellite 5.7. The update addresses several flaws including insufficient validation of the invoke interface instruction, insecure handling, and use of global credentials. Users are advised to restart their systems after installing the updates.

More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.

Cyber Fusion Center

Intel Exchange

Intel Exchange Lite

Collaborate

Respond

Orchestrate

Threat Intelligence Ecosystem

Solutions for ISACs, ISAOs, and CERTs

Solutions for ISAC, ISAO, and CERT Members

Intel Exchange Spoke

Cyware Browser Extension

Partners & Integrations

Channel Partners

MSSPs

Technology Alliances

Open APIs

MISP

Register a Deal

CywareOne Login

Resources Library

Resource Library

Cyware Labs: Research & Threat Briefings

Security Guides

Free Threat Intel Feeds

Webinars & Videos

Community Resources

Cyware Academy

Contact Us

Leadership

Careers

Cyware in the News

Press Releases

Compliance

Cyware Daily Threat Intelligence June 08, 2018

Share Blog Post

Tags

More from Cyware

The Virtual Cyber Fusion Suite

Explore Solutions

Capabilities

Resource Library

Use Cases