Cyware Daily Threat Intelligence

Daily Threat Briefing Feb 26, 2018

Top Malware Reported in the Last 24 Hours

Data Keeper ransomware
A new ransomware, dubbed Data Keeper, has been discovered in the wild by security researchers. The ransomware is generated by a new Ransomware-as-a-Service (RaaS) offering and is coded in .NET. The authors of Data Keeper are encouraging users to generate ransomware samples and distribute them to victims, with the promise of receiving a share of the ransom fee.

Avzhan DDoS
The Avzhan DDoS bot, initially discovered in 2010, has made a comeback via a Chinese drive-by attack. The most important capabilities of the bot are the different DDoS attacks that can be carried out remotely on any target. A few additions have been made to the malware to increase its obfuscation capabilities.

OopsIE Trojan
OilRig threat actors are running a campaign that involves sending spoofed emails containing a malicious Microsoft document, known as ThreeDollars, in order to spread the OopsIE Trojan. The threat group is adopting these new techniques to evade identification.

Top Vulnerabilities Reported in the Last 24 Hours

Flash vulnerability
A new malspam campaign has been discovered using malicious Word documents to exploit the latest Flash vulnerability (CVE-2018-4878). The critical vulnerability exists in Adobe Flash Player 28.0.0.137 and earlier versions. Adobe has already released a patch for the bug.

Critical vulnerabilities in Drupal
Multiple vulnerabilities discovered in Drupal 7 and 8 have been patched. One moderately critical flaw is an access bypass issue that can allow users to view or download files on the private file system. The second flaw in Drupal 7 is a jQuery cross-site scripting vulnerability which occurs when Ajax requests.
