Cyware Daily Threat Intelligence May 22, 2018

Top Malware Reported in the Last 24 Hours
Vega Stealer
A new malicious program, named Vega Stealer, has been discovered stealing credit card data and saved credentials from the Firefox and Chrome web browsers. Vega Stealer is a variant of the August Stealer strain. Users are advised to change the login information for any accounts they access using Chrome or Firefox. Additionally, disable Autofill in your browsers.

Roaming Mantis upgrades to Cryptomining
The Roaming Mantis DNS hijacking attacks have been upgraded. The attacks now cater to 27 different languages, including English, Spanish, Hebrew, Chinese, Russian and Hindi, and can target both Android and iOS users. In addition to stealing sensitive information, the attacks run the Coinhive JavaScript miner, which uses the CPU of the victim's machine to maliciously mine Monero.

Top Vulnerabilities Reported in the Last 24 Hours
New variant of Spectre
A security flaw in Intel, ARM and AMD chips has been discovered by security researchers at Microsoft and Google. Dubbed Speculative Store Bypass or “Variant 4”, this flaw affects a broad swath of modern computing chips. The flaw (CVE-2018-3639) is related to the Spectre and Meltdown chip flaws.

LPE vulnerability in Dell
A local privilege escalation (LPE) vulnerability in SupportAssist has been patched by Dell on all new devices running Windows. The security issue resides in a kernel driver that the tool loads. Hackers can abuse this vulnerability to bypass driver signature enforcement (DSE) ad infinitum. This exposes functionality such as the ability to read and write model-specific registers (MSRs).

Comcast website bug
A new bug has been discovered in the Comcast website used to activate Xfinity routers. The flaw allows hackers to access sensitive information and change Wi-Fi network names and passwords, temporarily locking users out. For now, the option has been removed from the website.

Top Breaches Reported in the Last 24 Hours
Nuance data breach
Nuance recently announced that it was involved in a healthcare data breach that impacted 45,000 patient records. An unidentified third party has gained access to one of its medical transcription platforms. Names, dates of birth, medical record numbers, patient numbers, and information dictated by the provider of approximately 900 San Francisco Department of Public Health patients were affected.

CSC data breach
Corporation Service Company (CSC) recently notified its customers that it had become the victim of a data breach. Hackers gained access to the company’s network and stole customers’ personal information and payment details. The data breach affected 5000 customers from California. It is unclear whether customers outside California have been affected.


