Go to listing page

Cyware Daily Threat Intelligence October 24, 2017

Cyware Daily Threat Intelligence October 24, 2017

Share Blog Post

Top Malware Reported in the Last 24 Hours
LokiBot Trojan
In a recent discovery, LokiBot, a new Android banking Trojan that transforms into ransomware and locks users’ phones when they try to remove it has been found. It shows fake login screens on top of popular apps. LokiBot targets both banking and non-banking apps. The malware works on Android 4.0 and higher.

Magniber ransomware
Recently, a new ransomware that is being distributed by the Magnitude exploit kit was found. However, in the last couple of days reports have surfaced that this ransomware has primarily targeted South Korea via malvertisements on attacker-owned domains.

Top Vulnerabilities Reported in the Last 24 Hours
Sarahah flaw
The popular feedback app has been found to be plagued with security flaws. These flaws make the app vulnerable to attacks and can facilitate cybercriminals to bypass the app’s Cross-Site Request Forgery (CSRF) protections. Users are still waiting for an update from the app maker.

Cryptographic cloning
Several thousands of smart cards used by the banks and large corporations are found vulnerable to ROCA. Gemalto IDPrime .Net smartcards are among the affected cards. The vulnerability was discovered in a popularly used code library developed by Infineon.

Top Breaches Reported in the Last 24 Hours
Internet Registry breached
The Regional Internet Registry administering IP addresses for the Asia-Pacific dubbed Asia-Pacific Network Information Center (APNIC) has suffered a data breach. The slip up happened in its WHOIS database where the config leaked credentials, including weakly-hashed passwords.

Clinic data breach
Cybercriminals have successfully managed to penetrate into the database of London Bridge Plastic Surgery (LBPS) and managed to steal photos, names and other details belonging to patients including few celebrities. It is reported that the infamous hacker group named The Dark Overlord is behind the attack.


Posted on: October 24, 2017

More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.

The Virtual Cyber Fusion Suite