Go to listing page

Cyware Daily Threat Intelligence October 31, 2017

Cyware Daily Threat Intelligence October 31, 2017

Share Blog Post

Top Malware Reported in the Last 24 Hours
Mayhem botnet
Interestingly, Mayhem malware was discovered three years ago by security researchers working for a Russian Internet giant. However, what’s even more interesting is that the botnet has evolved over time and now has gained capabilities that will allow Mayhem to evade detection. Thus, it is advised to prevent the malware from infecting your system by using a Web Application Firewall (WAF).

Matrix ransomware
Security researchers have discovered more background information of Matrix ransomware. The ransomware that had been detected earlier some time, is now found to be using RIG exploit to spread itself via malvertising campaigns. Users are strictly advised to backup their data regularly to mitigate risks.

Sage ransomware
In a recent discovery, the dangerous Sage ransomware which was detected a few days back is now found to be using anti-analysis technique and privilege escalation. The malware is being delivered through spam emails with malicious JavaScript attachments that download the new Sage 2.2 variant.

Top Vulnerabilities Reported in the Last 24 Hours
Cybercrime in Taiwan
Recently, the Far Eastern International Bank in Taiwan became a victim of cybercrime. Hackers planted malware on the banks' systems and were able to route money to their accounts. In response to this, The Thailand Banking Sector Computer Emergency Response Team (TB-CERT), a group of financial institutions under the Thai Bankers' Association (TBA), is alerting consumers to cyberthreats arising from online banking transactions on social media platforms.

Google Bug
A security researcher discovered a stream of bugs in Issue Tracker, Google’s internal bug tracker. General users have very little access to the Issue Tracker, but it was discovered that hackers gained access to the system’s back-end, critical vulnerabilities, and thousands of bug reports by simply spoofing an email address. However, in a swift move, Google has now fixed the vulnerability.

Apache OpenOffice flaw
A vulnerability exists in the OpenOffice Writer DOC file parser, and specifically in the WW8Fonts Constructor. It allows attackers to craft malicious documents that cause a denial of service (memory corruption and application crash) potentially resulting in arbitrary code execution.

Top Breaches Reported in the Last 24 Hours
Massive Data Breach
Over 46 million records of telecom subscribers have been leaked and put up for sale online in the backdrop of a massive Malaysian telecom operators breach. The millions of sensitive records were stolen from the Malaysian telephone companies and mobile virtual network operators.

Hacking forum hacked
The underground hacker forum Basetools[.]ws has been found to be compromised and the hacker is now said to be demanding a ransom of $50,000. To coerce the forum, the hacker posted some samples of the compromised database online along with the ransom demand. Basetools[.]ws allows users to trade on stolen credit card information, profile data and spamming tools.

Canadian computer networks vulnerable
Security researchers have discovered the computer networks of the Canadian government are highly vulnerable to state-sponsored cyberattacks. Although the government is successfully blocking 600 million hacking attempts each day, one in 50 is found be successful no matter how small the impact is.


Posted on: October 31, 2017

More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.