Cyware Daily Threat Intelligence November 15, 2017

Top Malware Reported in the Last 24 Hours
POS Alina malware
Security researchers recently detected infections at a significant number of bars and restaurants in the United States, where POS terminals were attacked by two variants of the credit card theft malware Alina. The variants are Epson.exe and Wnhelp.exe. Hackers steal customers' financial details and abuse them for their own goals.

CryptoMix ransomware
Security researchers have found a new variant, XZZX, of the notorious CryptoMix ransomware. The new strain appends the extension .XZZX to encrypted files. However, the encryption methods are unchanged.

OnePlus EngineerMode backdoor
Security researchers recently found the EngineerMode backdoor. EngineerMode was designed to diagnose issues with GPS, check the root status of the device, perform specific tests, and much more. However, the app can be abused by hackers to gain entry into the device.

Top Breaches Reported in the Last 24 Hours
Forever 21 breached
Forever 21, the fashion retailer, is investigating a potential data breach that may have compromised customer information and payment cards. Customers who shopped in store from March 2017 through October 2017 may be affected. Customers are therefore advised to keep an eye on their cards and make their banks aware of any unauthorized activity.

Neo-Nazi sites taken down
The hacktivist collective Anonymous has claimed responsibility for taking down over a dozen neo-Nazi sites, including cnkkk[dot]net, texaskkk[dot]com, vanguardamerica[dot]online, and whitehonor[dot]com. These attacks are part of the ongoing #OpDomesticTerrorism campaign.

DXC Technologies data leak
An employee of DXC Technologies accidentally uploaded the firm's private AWS key to a public GitHub repo. Hackers used the exposed private keys to start 244 AWS virtual machines and bill the firm for $64,000.


Posted on: November 15, 2017
