Cookie Settings

This website uses cookies and similar technologies to provide essential functionality and improve your experience. Some features, such as demo scheduling and chat support, require marketing cookies to function. By clicking "Accept All", you consent to all cookies. Alternatively, you can customize your preferences, but note that declining marketing cookies will limit certain website features.

Cyware Daily Threat Intelligence

Cyware Daily Threat Intelligence January 24, 2018 - Featured Image

Daily Threat Briefing Jan 24, 2018

Top Malware Reported in the Last 24 Hours

Paradise Ransomware
The Paradise ransomware has resurfaced (last seen in September 2017) launching a new wave of attacks. The malware uses a Ransomware-as- a-Service (RaaS) model and RSA cipher for file encryption.

SpriteCoin
A new ransomware is masquerading as a fake cryptocurrency by pretending to be a password protected storage wallet for SpriteCoin. The malware is aimed at tricking users into believing its a cryptocurrency wallet and offers users to create accounts. As soon as victims do that, their data gets encrypted and demands ransom in Monero cryptocurrency.

Top Vulnerabilities Reported in the Last 24 Hours

Flaws in Panic Buttons
Security flaws were found in popular personal protection devices of Wearsafe and Revolar. Exploiting these flaws will allow hackers to access user's location and even disable the device. Wearsafe's devices were also found to be vulnerable to DoS attacks.

XSS Vulnerability in Microsoft
A client-side cross-site scripting vulnerability has been discovered in Microsoft Academic online service web-application. This security bug allows attackers to inject malicious script code to a client-side browser to application web requests.

Bugs in Electron framework
Security vulnerabilities were found in the Electron framework--used by popular platforms like Skype and Slack--that would allow hackers to execute code remotely. The bug, dubbed the Protocol Handler Vulnerability, has been assigned the number CVE-2018-1000006. Electron has already fixed these issues.

Top Breaches Reported in the Last 24 Hours

Malaysian organ donors
Personal data of over 440,000 organ donors and their next-of-kin has been stolen by hackers. Information included donor's name, identification card number, race, nationality, address, and phone numbers. Data is leaked from Government Hospitals as well as National Transplant Resource Centers across Malaysia.

Bell Canada
Canada's largest phone company, Bell Canada confirmed that a breach in their company resulted in data theft of around 100,000 subscribers. Hackers illegally accessed customer information including subscriber names and e-mail addresses. On a brighter side, credit card information of the customers hasn't been stolen.

Anonymous Greece
The hacker group, Anonymous Greece (Greek chapter of the Anonymous hacker clan) claimed to have hacked 16 databases of ERT which contained 60 GB worth of data. The hacker group carried out the breach in response to ERT's decision to not cover Thessaloniki Macedonia rally live.

Related Threat Briefings