Cyware Daily Threat Intelligence October 31, 2018

Top Malware Reported in the Last 24 Hours

SamSam ransomware
Security experts discovered that the SamSam ransomware has infected 67 organizations across the globe in 2018. Of the 67 organizations targeted, over 80 percent are located in the US. The ransomware also targeted a small number of organizations in Portugal, France, Australia, Ireland, and Israel. Unlike other ransomware variants, SamSam attacks begin with a remote desktop protocol (RDP) compromise, via either brute-force attacks on networks or the use of stolen credentials.

CommonRansom
Security researchers have discovered a unique ransomware called CommonRansom. Apart from demanding a Bitcoin ransom, the malware also demands remote desktop protocol (RDP) access and admin credentials. Although the ransomware is still not considered to be a major threat, the Bitcoin address linked to it has seen some activity. 65 bitcoins were transferred out of this bitcoin address and sent to another account that has received funds from over 11,000 other bitcoin addresses. 

Top Breaches Reported in the Last 24 Hours

Eurostar
Eurostar recently detected an intrusion attempt, which prompted it to reset the passwords for all user accounts. The breach involved hackers using users' email and passwords to infiltrate systems. The malicious activity was recorded between October 15 and 19. It is still uncertain whether the attack led to any loss of data.

PredPol
The predictive policing tool, PredPol, accidentally exposed information regarding 17 communities and police departments that it is working with. According to researchers, PredPol assigns easy-to-guess subdomains to each PredPol customer. The subdomains are login portals for police officers. These subdomains were found to be associated with American cities, which suggests that PredPol has likely been quietly implemented in police departments across the US.



Posted on: October 31, 2018


