Cyware Daily Threat Intelligence October 31, 2018

Top Malware Reported in the Last 24 Hours

SamSam ransomware
Security experts discovered that the SamSam ransomware has infected 67 organizations across the globe in 2018. Of the 67 organizations targeted, over 80 percent are located in the US. The ransomware also targeted a small number of organizations in Portugal, France, Australia, Ireland, and Israel. Unlike other ransomware variants, SamSam attacks begin with a remote desktop protocol (RDP) compromise, achieved either through brute-force attacks on networks or by using stolen credentials.

CommonRansom
Security researchers have discovered a unique ransomware called CommonRansom. Apart from demanding a Bitcoin ransom, the malware also demands remote desktop protocol (RDP) access and admin credentials. Although the ransomware is still not considered to be a major threat, the Bitcoin address linked to it has seen some activity. 65 bitcoins were transferred out of this bitcoin address and sent to another account that has received funds from over 11,000 other bitcoin addresses. 

Top Breaches Reported in the Last 24 Hours

Eurostar
Eurostar recently detected an intrusion attempt that prompted it to reset the passwords for all user accounts. The breach involved hackers using users' email and passwords to infiltrate systems. The malicious activity was recorded between October 15 and 19. It is still uncertain whether the attack led to any loss of data.

PredPol
The predictive policing tool PredPol accidentally exposed information regarding 17 communities and police departments that it is working with. According to researchers, PredPol assigns easy-to-guess subdomains to each PredPol customer. The subdomains are login portals for police officers. These subdomains were found to be associated with American cities, which suggests that PredPol has likely been quietly implemented in police departments across the US.
