Cyware Daily Threat Intelligence October 17, 2017

Top Malware Reported in the Last 24 Hours
Orcus RAT
Security researchers recently detected a malicious Microsoft Office RTF document that spreads through phishing emails and exploits CVE-2017-8759, a SOAP WSDL parser code injection vulnerability. The RAT payload is disguised as “mozilla.exe” and lets cybercriminals launch keylogging attacks and remotely access the system and its webcam.

Zberp malware
Some time back, security researchers encountered a botnet campaign that uses two strains of malware that appear to be offshoots of the Zeus V2 banking Trojan. The Zberp Trojan is the first subvariant of ZeusVM and contains code traces from the Carberp malware. It first came to light in 2014, while the second variant, Atmos, was seen in 2016.

FinFisher malware
A hacker group named BlackOasis used a vulnerability in Adobe Systems Inc. (ADBE.O) software to plant malware on target systems. The group has already targeted Middle Eastern politicians and United Nations officials, opposition bloggers and activists, and regional news correspondents.

Top Vulnerabilities Reported in the Last 24 Hours
Microsoft patches KRACK silently
The major Wi-Fi flaw dubbed KRACK (short for Key Reinstallation Attack), which has caused a furor across the technology world, has already been silently fixed by Microsoft. While Microsoft has already released a patch in October to protect users of Windows devices, Google has confirmed it will patch any affected devices in the coming weeks.

Vulnerable TPM
It was recently discovered that Infineon Trusted Platform Module (TPM) chipsets embedded in many modern motherboards generate insecure RSA encryption keys. This puts devices at risk of attack from cybercriminals. The vulnerability could result in weak cryptographic keys and thereby weaken the public keys against attacks.

Blockchain-based Estonian ID card
A flaw has been discovered in the Estonian ID card, which is based on blockchain technology. The ID card records every piece of information with proof of time, identity, and authenticity. However, researchers disclosed that some of the cards using 2048-bit keys were vulnerable to hacking.

Top Breaches Reported in the Last 24 Hours
Microsoft breach under wraps
In a startling revelation, Microsoft was found to be hiding one of its significant breaches. The secret internal database meant for tracking bugs in its own software was broken into by a sophisticated hacking group more than four years ago. It contained descriptions of critical and unfixed vulnerabilities in some of the most widely used software in the world.

Data breach at ShopRite
Data belonging to ShopRite was breached because an electronic signature device was improperly discarded. The store threw away an electronic signature device from the pharmacy that had been used from 2005 to 2016. The leaked information included names, phone numbers, dates of birth, prescription numbers, medication names, the person's signature, driver's license numbers, etc.

We Heart It
Recently, the image-sharing social media app reported a possible data breach. The breach reportedly leaked email addresses, usernames and encrypted passwords of over 8 million accounts, created between 2008 and 2013.


Posted on: October 17, 2017
