Cyware Daily Threat Intelligence

Daily Threat Briefing Dec 15, 2017

Top Malware Reported in the Last 24 Hours

Emotet repackaged
Security researchers analyzing the Emotet banking Trojan have found that it is being repackaged rapidly. Security experts investigated the polymorphic dropped executables and found that they look like different software in many respects. This allows them to avoid signature-based antivirus and package detection.

Prilex ATM malware
This malware is almost exclusive to Brazil. Prilex ATM malware interacts with libraries from specific vendors, which indicates particular knowledge of the ATM and the related network. It works by hooking certain dynamic-link libraries (DLLs) and replacing them with its own application screens, displayed on top of others.

Top Vulnerabilities Reported in the Last 24 Hours

Microsoft RCE flaws
In another discovery, hackers are using exploit kits to scan for vulnerabilities in the targeted system and to install malware by injecting malicious code into documents. Users are lured into opening the documents and enabling macros in the MS Office package.

Microsoft Azure flaw
A flaw in Microsoft Azure Active Directory Connect could create stealthy admins in the user group by default. Enterprises with Office 365 deployments and on-premises Active Directory that use Azure AD Connect to sync between on-premises and cloud have been exposed to this privilege escalation vulnerability.
