Cyware Daily Threat Intelligence

Daily Threat Briefing Aug 10, 2018

Top Malware Reported in the Last 24 Hours

**North Korea malware**
Security researchers have discovered that several North Korean APT groups have been reusing the same decade-old malicious code in multiple campaigns across the globe. The malicious code has allowed researchers to trace the activities of North Korean hackers.

**Tibet malware campaign**
A recently discovered malware campaign is targeting Tibetan diplomats, journalists, activists and NGOs. Security experts have discovered that the campaign is linked to a much larger and older operation called Tropic Trooper. This campaign has been active since at least 2012 and has attacked governments and private sector entities in Taiwan and the Philippines.

**Iran ransomware attack**
A series of ransomware attacks targeting both the private and public sectors has been discovered. The attacks are the work of Iranian hackers, who are demanding ransom in the form of bitcoins. Experts suspect that the ransomware attacks, which shut down payment systems at San Francisco Municipal Transportation Agency and UK hospitals, were sparked by the re-imposition of sanctions on Iran.

Top Vulnerabilities Reported in the Last 24 Hours

**Samsung Meltdown attack**
Samsung's Galaxy S7 smartphones contain a microchip security flaw, uncovered earlier this year, which could allow attackers to spy on tens of millions of devices. Hackers can exploit the vulnerability by either bypassing hardware barriers or tricking applications into divulging passwords or banking details. Researchers have figured out a way to exploit the Meltdown vulnerability to attack Galaxy S7 handsets. However, Samsung has patched the issue.

**Comcast vulnerabilities**
Two previously unreported flaws in the Comcast Xfinity online portal were patched. The first flaw is related to an "in-home authentication page" where a user is able to pay their bills without signing in. The flaws exposed partial home addresses and social security numbers of 26 million users. Comcast has disabled in-home authentication and requires customers to manually input personal information to verify their account when paying a bill. The issues were blocked within hours of discovery, eliminating the possibility of exploitation.
