
Cyware Daily Threat Intelligence

Daily Threat Briefing Feb 28, 2018

Top Malware Reported in the Last 24 Hours

Thanatos ransomware
A new ransomware, dubbed Thanatos, has been discovered in the wild. Thanatos generates a new encryption key for every file it encrypts, and then appends the .THANATOS extension to the encrypted file's name. After completing the encryption, the malware connects to a specific URL to report back, allowing the attackers to keep track of the number of infected victims.

Mobef ransomware
Mobef ransomware has been detected affecting Italian users. It encrypts user files without changing the file extension and drops a file containing instructions on how to pay the ransom.

New Android malware
Security researchers have discovered a new Android malware, called RedDrop, that steals a range of data from infected devices. The malware hoovers up live recordings of its surroundings, files, photos, contacts, notes, device data, and information about saved Wi-Fi networks and nearby hotspots. However, a give-away is that the malware sends out silent text messages to premium numbers in order to make money.

Top Vulnerabilities Reported in the Last 24 Hours

Adobe releases patches
Adobe has patched a new arbitrary code execution flaw discovered in Adobe Acrobat Reader DC. The flaw stems from Adobe Reader DC's support for JavaScript embedded in PDF files, which allows attackers to control the memory layout and gives them an opening to attack.

Empty password flaw
A bug, CVE-2018-0121, has been discovered in Cisco's Elastic Services Controller (ESC). Unauthenticated, remote attackers can exploit the bug by sending an empty password to gain admin access to an affected system. They can then execute arbitrary actions with administrator privileges.
