Cyware Daily Threat Intelligence March 28, 2018

See All
Top Malware Reported in the Last 24 Hours
Hajime botnet
A new IoT botnet, dubbed Hajime, has been discovered carrying out massive suspicious scans for port 8291 on unpatched MikroTik devices. Here, the attackers used the Chimay Red vulnerability that affects MikroTik RouterOS firmware 6.38.4 and earlier. This vulnerability allows hackers to execute code and install the Hajime bot.

Grey Heron spyware
Security experts have come across an advertising malware called Grey Heron. The malware is specifically designed to steal data from Signal and Telegram messaging apps. Investigations conducted by the Motherboard firm revealed links between the company and the Italian surveillance firm, Hacking Team.

A new malware campaign has been noticed spreading through the description in videos on YouTube. The Trojan.PWS.Stealer.23012 virus steals files and other confidential information from the infected device. The malware is written in Python and infects computers running Microsoft Windows.

Top Vulnerabilities Reported in the Last 24 Hours
Librelp stack overflow vulnerability
A security patch has been released for a critical vulnerability (CVE-2018-1000140) discovered in librelp. The security issue is found to have caused due to a call to snprintf. If attackers manage to control the data provided to snprintf, it can lead to a stack overflow and the potential to remotely execute code.

Microsoft’s Meltdown fix made PCs insecure
A couple of months ago, Microsoft released Meltdown mitigation for Windows 7 systems. Researchers found a new vulnerability in the patch that can allow any process to read the complete kernel memory at speeds--as much as gigabytes per second. Microsoft has already fixed the issue.

OpenSSL update patches
OpenSSL has released patches to three vulnerabilities in patch versions 1.1.0h and 1.0.2o. The three security flaws include CVE-2018-0739--a denial-of-service (DoS) vulnerability, CVE-2018-0733--that allows hackers to forge authenticated messages, CVE-2017-3738--an overflow bug.

Top Breaches Reported in the Last 24 Hours
2100 patients die each year due to data breaches
Dr. Sung Choi, a researcher at the Vanderbilt University claimed that more than 2100 patients die each year due to data breaches affecting hospitals. The report was released after analyzing the data from HHS and CMS to compare patient-care metrics at hospitals that have experienced a data breach and comparing them with hospitals that haven't.

Baltimore's 911 dispatch system hacked
Cybercriminals have managed to hack Baltimore's 911 dispatch system and shut it down temporarily. The computer-aided dispatch or CAD system was infiltrated, affecting he computer-aided dispatch or CAD system. This means the information was relayed by call center support staff manually.

Brute force attack on Northern Ireland Assembly
Unknown hackers have launched a brute force attack on the Northern Ireland Assembly Commission’s Email services. The Assembly Commission’s IT system has already taken steps to enhance security. Staff was already asked to change their passwords, immediately.


    • Share this blog:
    Cyware Daily Threat Intelligence March 29, 2018
    Cyware Daily Threat Intelligence March 27, 2018
    To enhance your experience on our website, we use cookies to help us understand how you interact with our website. By continuing navigating through Cyware’s website and its products, you are accepting the placement and use of cookies. You can also choose to disable your web browser’s ability to accept cookies and how they are set. For more information, please see our Privacy Policy.