Cyware Daily Threat Intelligence

Daily Threat Briefing • Dec 9, 2017
Top Malware Reported in the Last 24 Hours
WordPress malware
A new malware campaign is threatening WordPress installs. The malicious code, tracked as Wp-Vcd, hides in legitimate WordPress files and is used by attackers to add a secret admin user and gain full control over infected websites.
Locket ransomware
A screen locker threat, Locket ransomware, is scaring victims into paying the ransom by impersonating CryptoLocker ransomware. It is designed to block access to the victim's computer and then demand payment to restore access to the affected PC.
Quant Trojan
The latest version of the Quant Trojan is designed to target cryptocurrency wallets and the bitcoins they hold. The Quant loader is used as a first-stage infection that can stealthily download more complex malware and enable automatic download of files.
Top Vulnerabilities Reported in the Last 24 Hours
Apple fixes HomeKit flaw
In a relief to HomeKit users, Apple has reportedly fixed a security flaw for iOS 11.2. The bug allowed unauthorized individuals to access smart locks and garage doors. The fix was a server-side update, which means it is applied automatically without any action required from users. The fix also temporarily disabled remote access for shared users, which will be restored soon.
Google Chrome vulnerability
Several flaws have been detected in Google Chrome. CVE-2017-15407 is identified as the most severe of them and could result in arbitrary code execution. This vulnerability can be exploited if a user visits, or is redirected to, a specially crafted web page.
WAGO PFC flaw
The Linux-based WAGO PFC200 PLC series contains a vulnerable version of the CODESYS runtime (2.4.7.0). The CODESYS process runs with "root" privileges and can be abused in multiple ways to read, write, or delete files or to modify the PLC program during runtime without any authentication.
Top Breaches Reported in the Last 24 Hours
Sinai data breach
Employees of Chicago-based Sinai Health System recently had their email accounts compromised in a data breach. The incident is thought to have affected about 11,350 people. However, the authority was unsure whether patient information had been exposed.
Naked Rowers calendar hit
In a recent incident, the website used to sell merchandise for the University of Warwick's rowing club was hit with a DDoS attack. The team magazine was banned for sale in Russia and this is said to have prompted the attack. The team has spoken out against homophobia in sports and sells its nude team calendar on its website to help raise funds for various causes.