Cyware Daily Threat Intelligence November 28, 2017

Tizi Android spyware
Recently, Google's security team discovered Tizi — a new strain of Android malware. This has been used primarily to target users in African countries. Categorized as spyware, Tizi can carry out a wide range of operations, but most focus on social media apps and activity.

Cobalt malware
The malware abuses a decade and half old vulnerability of Microsoft Office. Analysis of CVE-2017-11882 shows that the infamous Cobalt relies on the flaw to send compromised documents to high-value targets such as banks and financial institutions. The spam email poses as a notification from Visa about some rule changes in its payWave service in Russia. Adobe Flash Player security advisory
Adobe Flash-Player has released important security updates for Windows, Linux, and MacOS. These updates address critical flaws which could lead to code execution. The versions below 27.0.0.187 can be exploited with 'Out-of-bounds' read and 'Use-after-free' vulnerability that can lead to remote code execution.

VoIP vulnerability
In a startling discovery, researchers have come across ways to remotely turn on a phone’s microphone and eavesdrop from anywhere in the world. If the VoIP phone has a webcam, they could also turn that on without anyone’s notice.

PowerDNS flaws
The open-source DNS software vendor — PowerDNS — has buggy products ‘Authoritative’ and ‘Recursor’ that require patching as five bugs related to this have been spotted recently. These bugs can allow hackers to gain control of the DNS records and use them for something nasty. Moody’s analytics hacked
The US government has charged three Chinese nationals with cybercrime offenses and were accused of hacking into Moody's Analytics, Trimble, and Siemens. They are believed to be employees of a cybersecurity firm in Guangzhou and work closely with China’s Ministry of State Security.

Bulletproof Coffee breached
The company behind the trendy energy-boosting, butter-infused java — Bulletproof Coffee — said it has suffered a data breach, compromising the personal and financial details of its customers. It admitted that from May 20 to October 19 of this year, hackers accessed sensitive personal information entered when purchasing stuff online.