Cyware Daily Threat Intelligence

Daily Threat Briefing • Aug 16, 2017
This website uses cookies and similar technologies to provide essential functionality and improve your experience. Some features, such as demo scheduling and chat support, require marketing cookies to function. By clicking "Accept All", you consent to all cookies. Alternatively, you can customize your preferences, but note that declining marketing cookies will limit certain website features.
Daily Threat Briefing • Aug 16, 2017
Top Vulnerabilities Reported in the Last 24 Hours
Updates for Microsoft combo exploit
Microsoft has released new updates for a combo exploit campaign. The malicious campaign exploited the vulnerabilities of CVE-2017-0199 and CVE-2012-0158. The hackers apparently used the combo to drop the Lokibot banking Trojan.
Hackers encrypt phishing page with AES
Cybercriminals are sending malicious files camouflaged as an Apple invoice. The attackers have launched a phishing page encrypted with AES and the malicious files sent to the victims lead them to it. The encrypted page asks for users' Apple credentials, once the victims enter them their personal and financial data would be compromised.
Patch released for Windows WSearch Service Vulnerability
Microsoft's Windows operating system has been plagued with a search vulnerability. This flaw leverages the SMB vulnerability jeopardizing several machines hosting Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2 and more. Users should disable WSearch temporarily to mitigate the risk.