Cyware Daily Threat Intelligence November 07, 2017

Top Malware Reported in the Last 24 Hours
Cryptocurrency miner in pay-per-view site
There is a strong suspicion that UFC.com’s pay-per-view streaming website Fight Pass houses the Coinhive cryptocurrency miner. The miner surreptitiously hijacks the computing devices of visitors to mine the digital currency Monero. It was discovered by a Reddit user, who suddenly found his machine slowing down and his antivirus kicking in while on Fight Pass.

Malware abuses digital certificates
Hackers are relying on malware signed with compromised digital certificates to bypass system protection mechanisms based on code signing. The code signing certificates, which are associated with trusted software vendors, are used to sign malicious code. This reduces the chance of detection.

Top Vulnerabilities Reported in the Last 24 Hours
Flaw in Brother Printers
A vulnerability in the web front-end of Brother printers allows an attacker to launch a Denial of Service attack. This vulnerability appears to affect all Brother printers with the Debut web front-end.

Cisco DoS vulnerability
A DoS vulnerability that existed in Cisco’s IOS XE software is now patched. The flaw was caused by changes to its implementation of the Border Gateway Protocol (BGP) over an Ethernet VPN. The Cisco IOS XE operating system automates network operations and manages wired and wireless networks.

Router misconfiguration
A misconfiguration has led to a routing issue that created a ripple effect and has been causing problems for companies like Comcast, Spectrum, Verizon, Cox, and RCN across the country. Some Comcast users started reporting internet outages around the time of the Level 3 outages; however, the company managed to mitigate just in time.

Top Breaches Reported in the Last 24 Hours
Electroneum hit by cyberattack
A UK-based cryptocurrency startup, Electroneum, recently raised £30 million ($40 million USD) through its token sale. Just days later, the company was hit by a cyber attack that has locked investors out of their accounts.

OceanLotus hacker group
A notorious hacker group, OceanLotus, also known as Advanced Persistent Threat 32 (APT 32) and allegedly backed by Vietnam, has been reported to have compromised over 100 websites. Of the compromised sites, around 80 belonged to human rights and opposition groups within Vietnam. Other sites included government ministries in Laos and Cambodia, the Chinese GPS-equivalent BDStar, and the Association of Southeast Asian Nations.

WWE star’s intimate photos leaked
In a recent data breach, a new batch of WhatsApp screenshots and intimate photos of the WWE diva Paige (real name Saraya Jade-Davis) was published on a popular celebrity leak website. Other popular WWE celebrities were also targeted by the same hackers. The content was also shared on Twitter.

Top Scams Reported in the Last 24 Hours
Visa scam
In a new scam, two fake websites and an e-mail account based in Kenya are charging extra to visitors applying for visas online. Acting as an intermediary for visa applications, these websites are duping people out of their money.

WhatsApp scam
Dozens of social media users have complained about a scam that involves a £250 voucher purportedly from UK supermarkets. The suspicious link leads victims to an external site asking for personal details.

Bitcoin multiplier scam
New Ponzi schemes have cropped up to exploit the popularity of Bitcoin. One Ponzi scheme involves duping people into believing that their Bitcoins could be doubled. Although it’s an old scheme, the too-good-to-be-true offers still manage to find some victims.


