
Cyware Daily Threat Intelligence


Daily Threat Briefing Jan 16, 2018

Top Malware Reported in the Last 24 Hours

MaMi malware
Malware named MaMi that targets Mac OS X users has been found. It is a rehash of an old Windows DNS hijacker. MaMi is capable of DNS hijacking, capturing screenshots, simulating mouse events, uploading and downloading files, and executing arbitrary code.

RubyMiner
A new strain of cryptocurrency miner, dubbed RubyMiner, was discovered by security researchers. The malware was found to be affecting outdated web servers. Attackers spread this malware by hiding it in robots.txt files. The attackers clear all existing cron jobs and add a malicious cron job that downloads a script, which in turn installs a modified version of the legitimate XMRig Monero miner application.

Top Vulnerabilities Reported in the Last 24 Hours

Flaw in BitTorrent
Google's Project Zero researchers found a critical flaw in the Transmission BitTorrent app that allows websites to execute malicious code on some users' computers. By exploiting this vulnerability, attackers can command Transmission to download a torrent called ".bashrc", which would automatically be executed the next time the user opened a bash shell.

Several vulnerabilities in Phoenix Contact
A series of security flaws has been found in Phoenix Contact's FL Switch industrial Ethernet switches. These are authentication bypass and information exposure flaws. One of these flaws (CVE-2017-16743) has been assigned a CVSS score of 9.8, placing it in the "critical severity" category.

SCADA App Vulnerabilities
Mobile apps used with SCADA Industrial Control Systems have been found to contain 147 security vulnerabilities. The testing covered 34 ICS apps from Google Play. Of these mobile apps, 32 lacked root or code protection, 20 had poor authorization, 20 implemented insecure data storage, and 18 lacked obfuscation.
