Share Blog post
The cryptocurrency mining malware — Adylkuzz — has now exploited the same SMB vulnerability (MS17-010) as WannaCry ransomware. Adylkuzz exploits the DoublePulsar and EternalBlue vulnerabilities for attacking systems and neutralizes Server Message Block (SMB).
Terdot hacks social media
The recently discovered Terdot trojan can not only monitor but also modify social media accounts of the victims. The Trojan can alter Facebook, Twitter, YouTube, and Google Plus traffic. Not just that, it can also spy on Microsoft’s live.com login page, Yahoo Mail, Gmail, and various other webmail platforms.
The trojan horse — Speesipro.a — has been recently observed being used by hackers to remotely control victim's PC. It can change the PC settings and remove all the barriers for further infections.
The vulnerability is a use-after-free error that facilitates a malicious SMB1 request to give a remote hacker control over the content of heap memory via a deallocated heap pointer. In addition, another bug that allows server heap memory to be returned to the client without being cleared has also been discovered.
IE memory corruption flaw
A remote code execution vulnerability is identified in the latest versions of Internet Explorer, due to the way it accesses objects in memory. The flaw allows the attacker to leverage the memory corruption for executing arbitrary code allowing him to take control of an affected system.
Scammers are targeting Barclays customers through a text-based scam attempting to steal personal details of the victims. The fraudsters trick customers by creating an urgency and give a number to call and solve the problem. Barclays has already warned the customers not to call on the given number as it isn’t a Barclays number.
Spear phishing attack
Researchers have found that Canadian small and medium-sized businesses are being targeted with spear phishing attacks. A gang is trying to get employees to reveal corporate banking passwords and two-factor authentications. The goal is to take over the account and transfer money to accounts controlled by criminals.
Posted on: November 23, 2017
Get the Daily Threat Briefing delivered to your email!
More from Cyware
Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.