Share Blog post
A new RAT, dubbed Qrypter, is being touted as a major competitor to existing cross-platform backdoors. This Malware-as-a-Service (MaaS) platform is being used by hackers to inject the tool into victims' systems using phishing emails. Once installed, the tool can manipulate file systems, install additional files, control the Task Manager and gain access to the PC's webcam.
TeleRAT, a new Android Trojan is spreading itself using third-party Android app stores disguised as legitimate apps. The Trojan uses Telegram Bot API to communicate with the command and control (C&C) server and to exfiltrate data. TeleRAT is able to receive and carry out a range of commands and gain access to sensitive information.
The victims of Zenis ransomware are being warned by hackers to pay up the ransom amount or risk losing their infected files forever. The ransomware uses a customized encryption method to encrypt the files of the infected machine. The method of distribution is yet unknown, though there is a possibility of it spreading through remote desktop services.
A memory disclosure vulnerability was found in the Microsoft Windows Kernel, that can be exploited via REG_RESOURCE_REQUIREMENTS_LIST registry values. Attackers can exploit this flaw to obtain information which can be used to compromise a victim’s system.
Siemens fixes multiple flaws
Siemens has released security updates for its mobile app that fixes several vulnerabilities--including a denial-of-service (DoS) vulnerability that affects the SIMATIC controllers. The flaw has been dubbed CVE-2018-4843, and can be exploited by sending specially crafted PROFINET DCP packets to the target systems.
Posted on: March 22, 2018
Get the Daily Threat Briefing delivered to your email!
More from Cyware
Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.