Cyware Daily Threat Intelligence March 08, 2018


Top Malware Reported in the Last 24 Hours
Adwind RAT
Spoofed emails, disguised as important Swift messages, are being used by hackers to spread the cross-platform remote access trojan (RAT) Adwind. The RAT is configured to communicate with the hacker's C&C server. Once the communication is established, attackers can remotely access the file system to read, write or delete files.

FlawedAmmyy RAT
A previously undocumented RAT, called FlawedAmmyy, is being distributed through two massive email campaigns. The Trojan is based on leaked source code for version 3 of the Ammyy Admin remote desktop software. Users are advised not to open emails that come from strangers.

Dofoil Trojans
New variants of the Dofoil trojan, a.k.a. Smoke Loader, have been blocked by Windows Defender AV. The Trojan was found carrying coin miner payloads, which are used to mine NiceHash cryptocurrency.

Top Vulnerabilities Reported in the Last 24 Hours
Patch for Java Deserialization
Cisco has released new security updates for two critical vulnerabilities, CVE-2018-0147 and CVE-2018-0141, among 20 other issues. These vulnerabilities have been patched in Cisco Secure ACS 5.8.0.32.9 Cumulative Patch and Cisco Prime Collaboration Provisioning Software Releases 12.1, respectively.

Chrome 65 update
Chrome 65, which includes 45 security fixes developed via the developer channel versions, has been released by Google for Android, Mac, Windows, and Linux users. Chrome 65 for Android and others will be available for download through Google Play in the next few weeks.

Cisco Access Control Server is vulnerable
The Cisco Access Control Server (ACS) is found to be vulnerable to remote attacks. Hackers can gain access to the Web-based user interface of the Cisco Secure Access Control Server due to the CVE-2017-12354 flaw. The flaw results in improper handling of XML External Entities (XXEs) when parsing an XML file.



Posted on: March 08, 2018
