
Cyware Daily Threat Intelligence


Daily Threat Briefing Feb 7, 2018

Top Malware Reported in the Last 24 Hours

Gold Dragon implants
Hackers are launching phishing campaigns that download malicious implants, targeting organizations involved in the 2018 Winter Olympics. Named Gold Dragon, Brave Prince, Ghost419, and RunningRat, these implants surface once an initial PowerShell backdoor is installed.
Gold Dragon, a data-gathering implant, generates a key to encrypt data from the infected system and sends the data over to a remote server.

Fake Flash update drops CPU miners
Software posing as a Flash update is installing CPU miners on victims' computers. The miners propagate through fake Facebook video pages that ask users to install a Flash player to continue, tricking them into downloading the miner.

Top Vulnerabilities Reported in the Last 24 Hours

Adobe released patches
Security patches have been released for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS to address critical vulnerabilities, CVE-2018-4878 and CVE-2018-4877. These flaws were found to allow remote code execution. Users are advised to update to Adobe Flash Player 28.0.0.161 to stay safe.

Exploitable bug affecting Alpha and Itanium systems
A privilege escalation flaw has been found in OpenVMS OS running on VAX and Alpha processors. The bug, dubbed CVE-2017-17482, could also affect Intel Itanium systems in mixed-architecture clusters. The vulnerability stems from a cockup in the command processing code within the VMS shell, called DCL.

CSS Exfil attack
Ever since CSS became a mainstay of Web pages, hackers have been launching CSS Exfil attacks. Poor programming could result in vulnerabilities on the page. To stay safe, users are advised to implement Content Security Policy (CSP), which is an added security layer.

Top Breaches Reported in the Last 24 Hours

UNC data breach
The University of Northern Colorado (UNC) recently suffered a data breach, resulting in the leakage of personal information of 12 employees. Hackers stole the Social Security numbers of these employees to reset their passwords and access their accounts. Victims' W2 forms were also stolen.

DDoS attacks on Final Fantasy XIV network
A network that hosts the Final Fantasy XIV game was disrupted by a distributed denial of service (DDoS) attack. As a result, players had difficulty logging in to JP data center Worlds and accessing, sending and receiving data from JP data centers.
