Cyware Daily Threat Intelligence June 08, 2018

Top Malware Reported in the Last 24 Hours
BabaYaga malware
A malware strain that uses a self-preservation technique has been discovered targeting WordPress sites. Dubbed BabaYaga, this malware can also infect Joomla and Drupal sites, or even generic PHP sites. The malware injects sites with special keywords to redirect users to affiliate marketing links.

RedEye ransomware
A new ransomware, dubbed RedEye, has been discovered. Unlike other ransomware, which encrypts victims' files and holds them for ransom, RedEye was found deleting files. After infecting a system, the ransomware displays a note informing victims that their files have been encrypted using AES256. Victims are asked to access a .onion website and pay 0.1 Bitcoins to a specified address.

Invisimole cyber espionage malware
A powerful and highly targeted malware, named Invisimole, has been discovered. The malware is capable of creating a backdoor and giving hackers a total view of the computer's activities. It was first picked up in May on computers based in Russia and Ukraine.

Top Vulnerabilities Reported in the Last 24 Hours
Adobe fixes the zero-day flaw
Security updates have been released by Adobe to fix a zero-day vulnerability (CVE-2018-5002) in Flash Player for Windows, macOS, Linux and Chrome OS. The flaw affects Adobe Flash Player 29.0.0.171 and earlier versions. Users are advised to update their Flash versions to 30.0.0.113.

Mozilla addresses multiple flaws
Multiple vulnerabilities in Firefox and Firefox ESR have been patched by Mozilla. A remote attacker could exploit these vulnerabilities to take control of an affected system. Users are advised to update to versions Firefox 60.0.2, Firefox ESR 52.8.1, or Firefox ESR 60.0.2.

Red Hat fixes issues
An update for java-1.7.1-ibm has been released by Red Hat for Red Hat Satellite 5.6 and Red Hat Satellite 5.7. The update addresses several flaws, including insufficient validation of the invokeinterface instruction, insecure handling, and use of global credentials. Users are advised to restart their systems after installing the updates.




