Cookie Settings

This website uses cookies and similar technologies to provide essential functionality and improve your experience. Some features, such as demo scheduling and chat support, require marketing cookies to function. By clicking "Accept All", you consent to all cookies. Alternatively, you can customize your preferences, but note that declining marketing cookies will limit certain website features.

Cyware Daily Threat Intelligence

Cyware Daily Threat Intelligence April 18, 2018 - Featured Image

Daily Threat Briefing Apr 18, 2018

Top Malware Reported in the Last 24 Hours

SquirtDanger malware
The Russian malware author, TheBottle, has developed a commodity botnet malware family called SquirtDanger. The malware is spread via illicit software downloads and persists via a scheduled task that is set to run every minute. SquirtDanger is equipped to take screenshots, send files, clear browser cookies, list processes, kill process among hoards of other tasks.

XiaoBa ransomware has been reprogrammed
Security researchers have recently discovered that the XiaoBa ransomware has been reprogrammed into a cryptocurrency miner. Once infecting a system, the current version of XiaoBa coinminer injects a copy of itself and the legitimate XMRig cryptocurrency mining software inside all EXE, COM, SCR, and PIF files. It also injects a copy of the Coinhive JavaScript library.

Magnitude EK now downloads GandCrab
The Magnitude exploit kit no longer downloads Magniber ransomware. It is now using a fileless technique to load the GandCrab ransomware. The payload is encoded and embedded in a scriplet that is later decoded in memory and executed, thus making the method difficult to detect.

Top Vulnerabilities Reported in the Last 24 Hours

Vulnerabilities in Mar Foscam IP video camera
Around 32 vulnerabilities have been discovered in Foscam's range of IP cameras, C1--a 1-megapixel cube indoor IP camera. These flaws have already been fixed. However, security researchers worry that it is a repeat of what happened last year. In June last year, Foscam had released a firmware update to address 19 remote injection vulnerabilities.

VR software vulnerable to attacks
Virtual reality systems like the HTC Vive and Oculus Rift were found to be vulnerable to cyber attacks by researchers from the University of New Haven. These systems don't have any kind of protection to avoid or stop a cyber attack and have the potential to cause real-world consequences.

Top Breaches Reported in the Last 24 Hours

Ikea suffers a data breach
A data breach has hit Ikea's TaskRabbit app. The app and website have been taken down while investigating the cybersecurity incident. The nature of the incident hasn't been revealed yet. However, the UK's information commissioner's office has mentioned that they're looking into this situation.

Data firm leaks user profiles
Localblox, a data firm that collected personal profiles of 48 million combining data from sites and social networks like Facebook, LinkedIn, Twitter, Zillow, etc., leaked the information online. The company stored the information, without users' consent, in an unlisted Amazon S3 storage bucket without a password, allowing anyone to download its contents.

Related Threat Briefings