Cyware Daily Threat Intelligence

Daily Threat Briefing • Feb 27, 2018
Top Malware Reported in the Last 24 Hours
Eviral Trojan
Researchers have come across a new Trojan, dubbed Eviral, that is capable of stealing browser cookies and stored credentials, and has the ability to monitor/modify the Windows clipboard text. The Trojan was being sold on criminal forums. It also lets the hacker control everything from a panel where the stolen data can be easily explored.
BadRabbit ransomware
The BadRabbit ransomware spread using drive-by attacks, presenting itself as a Flash update. Users who clicked on the update were infected by the ransomware. After execution, the ransomware elevated its privileges on the user's device.
Decrease in RIG EK activities
RIG exploit kit activity has decreased over the past year. This year, the exploit kit has been used to spread the Fobos, Ngay, and Seamless campaigns. The decrease can be attributed to multiple causes, ranging from the fortification of browsers and browser-based applications to the closure of many sub-domains.
Top Breaches Reported in the Last 24 Hours
Theft of intellectual property
Several Australian universities and NGOs are being targeted by hackers from Iran and China in order to steal intellectual property. These institutions are targeted because they hold abundant research files on economic policies, defense projects, and technology and medical advancements.
LAPD's Twitter account hacked
The official Twitter account of the Los Angeles Police Department (LAPD) was hacked. Hackers tweeted a message calling the department "white supremacists". The tweet read "lapdWHITESUPREMACISTS". It is unclear how the breach occurred.