Cyware Daily Threat Intelligence November 06, 2017

Top Malware Reported in the Last 24 Hours
Crunchyroll website hosts malware
The popular anime website became a new home for malware. According to security researchers, attackers used a DNS hijack to redirect users to a fake copy of the website in order to deliver the malware. When visitors logged onto Crunchyroll, they were asked to download a desktop version of the software. The download was a trick to install malware on the user's device.

SEO to trap victims
Hackers have used a new trick to get users to download malware. A combination of optimized SEO terms and compromised websites is used to carry out the plan. The attackers choose trending keywords to steer users into the trap and infect their devices with a malicious program.

Top Vulnerabilities Reported in the Last 24 Hours
iOS glitch
A strange glitch affecting iOS versions 11.0.3 and 11.1 replaces the letter “I” with “A[?]” in text messages. The bug affects devices including the iPhone, iPad, and iPod touch running the above-mentioned versions. As a temporary fix, users should switch off the predictive text autocorrect feature.

Cisco Aironet EAP vulnerability
A vulnerability affects the Extensible Authentication Protocol (EAP) ingress frame processing for the Cisco Aironet 1560, 2800, and 3800 Series Access Points. The flaw arises from insufficient validation of the EAP frame. An attacker could exploit this vulnerability by sending a malformed EAP frame to the targeted device.

Crypto vulnerabilities of IEEE P1735
Weak cryptography in the IEEE P1735 electronics standard allows attackers to extract highly valuable intellectual property in plaintext. Investigations have revealed that one of the vulnerabilities allows attackers to bypass encryption safeguards and access intellectual property.

Top Breaches Reported in the Last 24 Hours
Hackers hijack Trump’s websites
According to a recent discovery, at least 195 web addresses belonging to Donald Trump and his family or business empire were hijacked four years ago by hackers possibly operating out of Russia. This was found when users visiting the compromised websites were redirected to servers located in Russia. Those servers might have contained malware used for stealing passwords.

Paradise papers
A massive leak of financial documents has revealed how the powerful and ultra-wealthy, including the Queen's private estate, allegedly invest vast amounts of cash in offshore tax havens. Donald Trump's commerce secretary is also shown to have a stake in a firm dealing with Russians sanctioned by the US.

The Times of Israel website defaced
A Turkish group hacked The Times of Israel on the 100th anniversary of the Balfour Declaration. Hackers affiliated with the hacking group Akincilar/Cyber-Warrior claimed responsibility for the cyberattacks and briefly took over the news websites.


