
Cyware Daily Threat Intelligence March 22, 2018

Top Malware Reported in the Last 24 Hours
Qrypter backdoor
A new RAT, dubbed Qrypter, is being touted as a major competitor to existing cross-platform backdoors. Hackers are using this Malware-as-a-Service (MaaS) platform to deliver the tool to victims' systems through phishing emails. Once installed, the tool can manipulate file systems, install additional files, control the Task Manager and gain access to the PC's webcam.

TeleRAT, a new Android Trojan, is spreading through third-party Android app stores, disguised as legitimate apps. The Trojan uses the Telegram Bot API to communicate with the command and control (C&C) server and to exfiltrate data. TeleRAT is able to receive and carry out a range of commands and gain access to sensitive information.

Zenis ransomware
Hackers are warning victims of Zenis ransomware to pay the ransom or risk losing their infected files forever. The ransomware uses a customized encryption method to encrypt the files on the infected machine. The method of distribution is as yet unknown, though there is a possibility of it spreading through remote desktop services.

Top Vulnerabilities Reported in the Last 24 Hours
64-bit pool memory disclosure flaw
A memory disclosure vulnerability was found in the Microsoft Windows Kernel that can be exploited via REG_RESOURCE_REQUIREMENTS_LIST registry values. Attackers can exploit this flaw to obtain information which can be used to compromise a victim’s system.

Siemens fixes multiple flaws
Siemens has released security updates for its mobile app that fix several vulnerabilities, including a denial-of-service (DoS) vulnerability that affects the SIMATIC controllers. The flaw is tracked as CVE-2018-4843 and can be exploited by sending specially crafted PROFINET DCP packets to the target systems.


Posted on: March 22, 2018
