Cyware Daily Threat Intelligence June 21, 2018

Threat Intelligence

Share Blog Post

Top Malware Reported in the Last 24 Hours

GZipDe delivers Metasploit payload
A new malicious document has been detected targeting the Shanghai Cooperation Organization Summit. The server has been found delivering a Metasploit payload. The malware has a .NET downloader which uses a custom encryption method in order to evade detection.

Red Alert v2.0
The Red Alert v2.0 bot is using spam messages that contain an Android App attachment in order to spread itself. The spam emails claim that the attachment was a dating app, called SilverBox. The target SDK version code of the app is Android Marshmallow and later. The bot is mainly targeting banks, retail applications, payment services, and social media channels.

Mylobot malware
A new botnet, called Mylobot, has been discovered by security researchers. This is an extremely evasive botnet with unique leverage of command and control servers and allows hackers to take complete control of a user’s system. The malware is used to install spambots, keyloggers, banking trojans etc.

Top Vulnerabilities Reported in the Last 24 Hours

Cisco products vulnerable to POODLE attacks
Security researchers have discovered that two Cisco products are vulnerable to POODLE attacks. The affected products are Cisco’s Adaptive Security Appliance Software and Application Control Engine module. Hackers launch these attacks in order to disclose HTTP cookies or other HTTP authorization content which gets transmitted over a TLS v1.x secure session.

Out-of-bounds flaw discovered
An out-of-bounds flaw has been discovered in Chromium and Chrome versions less than 67.0.3396.87. This flaw can be leveraged by a remote attacker to launch arbitrary code in the infected device. Users are advised to upgrade to the latest version 67.0.3396.87 in order to stay safe.

DoS flaw in Cisco Meeting Server
A Denial of Service flaw has been discovered by security researchers in the Web Admin interface of Cisco Meeting Server. The flaw arose due to insufficient validation of incoming HTTP requests. Affected products include Acano X-Series, Cisco Meeting Server 1000, and Cisco Meeting Server 2000.

More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.

Cyber Fusion Center

Intel Exchange

Intel Exchange Lite

Collaborate

Respond

Orchestrate

Threat Intelligence Ecosystem

Solutions for ISACs, ISAOs, and CERTs

Solutions for ISAC, ISAO, and CERT Members

Intel Exchange Spoke

Cyware Browser Extension

Partners & Integrations

Channel Partners

MSSPs

Technology Alliances

Open APIs

MISP

Register a Deal

CywareOne Login

Resources Library

Resource Library

Cyware Labs: Research & Threat Briefings

Security Guides

Free Threat Intel Feeds

Webinars & Videos

Community Resources

Cyware Academy

Contact Us

Leadership

Careers

Cyware in the News

Press Releases

Compliance

Cyware Daily Threat Intelligence June 21, 2018

Share Blog Post

Tags

More from Cyware

The Virtual Cyber Fusion Suite

Explore Solutions

Capabilities

Resource Library

Use Cases