
Cyware Daily Threat Intelligence

Daily Threat Briefing Apr 17, 2018

Top Malware Reported in the Last 24 Hours

Smoke Loader malware
The authors of Smoke Loader have revamped its infection technique and introduced a 64-bit payload. Significant changes have been made to the malware in order to bypass Windows Defender and other antivirus software after Microsoft came out with its countermeasures. The current version injects itself into a running instance of Windows Explorer instead of creating a hollow process.

PlugX malware
The PlugX remote access trojan (RAT) has been found spreading via campaigns targeting pharmaceutical organizations in Vietnam, in order to steal drug formulas and business information. Once it infects a system, the malware allows hackers to modify files, log keystrokes, steal passwords, and capture screenshots of user activity.

VBScript Downloader
A new VBScript downloader, dubbed ARS VBS Loader, has been found affecting computers running the Microsoft Windows operating system, and it supports Windows 10. It is a spin-off of a downloader called SafeLoader VBS. The downloader uses fake email attachments to trick users into clicking on them.

Top Breaches Reported in the Last 24 Hours

Instagram accounts hacked
Reports indicate that several Instagram accounts have been hacked, leading to assumptions that the Instagram servers have been compromised. Researchers suspect that a group called the Saudi Electronic Army is behind the breach. However, Instagram says that the problem is a result of a system bug.

Patient data exposed
An unauthorized third party might have gained access to Texas Health Resources last October. The event was part of a larger incident affecting multiple entities across the country. Exposed patient information included names, medical record numbers, birth dates, addresses, insurance information, and clinical information of around 4000 patients.
