
Cyware Daily Threat Intelligence


Daily Threat Briefing Aug 14, 2018

Top Malware Reported in the Last 24 Hours

**KeyPass**
A new variant of the STOP ransomware, called KeyPass, has recently emerged. The ransomware is believed to be spreading rapidly and is capable of hijacking a computer and encrypting all files. KeyPass' distribution method is still unknown. It can be removed using special anti-malware programs.

**Andromeda**
Law enforcement authorities shut down the Andromeda botnet last year. However, the botnet is still infecting numerous PCs. Security experts believe that only Andromeda's C2 servers were taken down and not its endpoints, which still appear to be thriving. The currently infected PCs could be used by attackers to conduct DDoS attacks.

**DeepLocker**
DeepLocker is a highly evasive and targeted malware that is powered by AI. The malware is capable of infecting numerous computers without being detected. DeepLocker's AI identifies targets via facial recognition, geolocation, and voice recognition. An open-source facial recognition tool called Social Mapper can be used to target victims across multiple social networks at once. DeepLocker can hide malicious payloads in benign applications to evade malware scanners and anti-virus programs.

Top Vulnerabilities Reported in the Last 24 Hours

**HP printers flaws**
Two critical vulnerabilities have been discovered in the fax protocol of HP OfficeJet Printers. When combined with the EternalBlue exploit, these two stack-based buffer overflow flaws could allow attackers to infiltrate PCs connected to the printers. HP has issued patches for both flaws. Users are also advised to use the latest Windows OS.

**ZTE bugs**
DHS-funded researchers revealed that smartphones made by China-based ZTE are loaded with vulnerabilities that could allow attackers to compromise devices and steal user data, including emails and text messages. The vulnerabilities provide hackers with a loophole to access users' data without their knowledge. ZTE claims it is working with US network carriers to issue updates to fix the bugs.

**NetComm flaws**
Two critical flaws have been found in NetComm routers. The Cross-site Request Forgery (CSRF) and the Cross-site Scripting (XSS) flaws, if exploited, could allow attackers to hijack devices. An Information Exposure Through Directory Listing bug could also be triggered by an attacker to gain the complete index of all the resources located inside of the directory.
