Cyware Daily Threat Intelligence March 08, 2018

Top Malware Reported in the Last 24 Hours
Adwind RAT
Spoofed emails, disguised as important Swift messages, are being used by hackers to spread the cross-platform remote access trojan (RAT) Adwind. The RAT is configured to communicate with the hacker's C&C server. Once the communication is established, attackers can remotely access the file system to read, write or delete files.

FlawedAmmyy RAT
A previously undocumented RAT, called FlawedAmmyy, is being distributed through two massive email campaigns. The Trojan is based on leaked source code for version 3 of the Ammyy Admin remote desktop software. Users are advised not to open emails that come from strangers.

Dofoil Trojans
New variants of the Dofoil trojan, a.k.a. Smoke Loader, have been blocked by Windows Defender AV. The Trojan was found carrying coin miner payloads, which are used to mine NiceHash cryptocurrency.

Top Vulnerabilities Reported in the Last 24 Hours
Patch for Java Deserialization
Cisco has released new security updates for two critical vulnerabilities, CVE-2018-0147 and CVE-2018-0141, among 20 other issues. These vulnerabilities have been patched in Cisco Secure ACS 5.8.0.32.9 Cumulative Patch and Cisco Prime Collaboration Provisioning Software Releases 12.1 respectively.

Chrome 65 update
Chrome 65, which includes 45 security fixes developed via the developer channel versions, has been released by Google for Android, Mac, Windows, and Linux users. Chrome 65 for Android and others will be available for download through Google Play in the next few weeks.

Cisco Access Control Server is vulnerable
The Cisco Access Control Server (ACS) is found to be vulnerable to remote attacks. Hackers can gain access to the Web-based user interface of the Cisco Secure Access Control Server due to the CVE-2017-12354 flaw. The flaw results in improper handling of XML External Entities (XXEs) when parsing an XML file.


