Cyware Daily Threat Intelligence May 17, 2018

Top Malware Reported in the Last 24 Hours
Telegram targeted
A new malware has been reported to collect cache and key files from instant messaging service Telegram. This new malware was first seen on April 4, 2018, with a second variant emerging on April 10. The second variant is capable of stealing login credentials and collecting Telegram's desktop cache and key files.

Alexa used as spyware
Security researchers from Indiana University, have discovered a new way in which Google Home and Amazon Alexa can be turned into eavesdropping devices, thus launching a series of phishing attacks. This is possible through 'voice squatting' and 'voice masquerading' techniques. Hackers can use these techniques to steal victims' password and other financial details. This can also be used to spread the fake news by accessing any news channel.

WinstarNssmMiner malware
Security researchers have discovered a new form of cryptominer malware, dubbed WinstarNssmMiner, which crashes the system as soon as the antivirus product makes the attempt to remove it. The cryptominer leverage the svchost.exe process to inject its malicious code and begin the mining process.

Top Vulnerabilities Reported in the Last 24 Hours
CISCO releases security patches
CISCO has issued security updates to fix vulnerabilities in multiple products. The patches include fixes for bypass authentication vulnerabilities found in Digital Network Architecture (DNA) Centre and API gateway of CISCO.

ZipperDown flaw
Researchers have discovered a vulnerability named ZipperDown, in iOS apps. The flaw could allow attackers to overwrite the data and execute code on the affected apps. A total of 15,978 iOS apps were found to be affected by the vulnerability. The iPhone users are required to keep all applications up to date to mitigate the risk.

Java-deserialization vulnerability
Numerous SaaS Software Development Kits (SDKs) have been found to be impacted by a Java-deserialization based remote code execution vulnerability. The flaw can allow the hackers to gain privileged access to systems and direct control over the servers.

Top Breaches Reported in the Last 24 Hours
407 ETR's data breached
407 ETR, a company that operates a major toll in southern Ontario, has declared that personal data of around 60,000 people were stolen from its office over a period of last 12 months. The insider threat is claimed to be the reason behind this theft. The stolen data includes account names and phone numbers. However, no financial information was affected by the breach.

Securus' data compromised
A data breach in Securus, a company that helps law enforcement agencies track phones, has led to the exposure of sensitive data of around 2,800 users. The leaked data includes usernames, email ids, phone numbers and passwords.

BCCI suffers a data breach
A misconfigured S3 bucket of BCCI (Board of Control for Cricket) has resulted in the leakage of personal data of several thousands of Indian applicants who had submitted applications between 2015 and 2018. The number of affected people is estimated to be around 15-20 thousand and the exposed data includes name, date of birth, permanent address, medical records, birth certificate, mobile number, SSC certificate of a person.



Tags


    • Share this blog:
    To enhance your experience on our website, we use cookies to help us understand how you interact with our website. By continuing navigating through Cyware’s website and its products, you are accepting the placement and use of cookies. You can also choose to disable your web browser’s ability to accept cookies and how they are set. For more information, please see our Privacy Policy.