Cyware Daily Threat Intelligence

Daily Threat Briefing • Jan 30, 2018
Top Malware Reported in the Last 24 Hours
GandCrab ransomware
A new ransomware, dubbed GandCrab, has recently been discovered spreading via exploit kits. It is the first ransomware to accept DASH currency as ransom payment. The ransomware is now being distributed through a malvertising campaign called Seamless that pushes visitors to the RIG exploit kit.
Andromeda botnet
Cybercriminals are using the Andromeda botnet to launch cyber attacks on the educational sector. This malicious software captures sensitive information such as authentication credentials, or downloads and installs additional malicious software.
BitPaymer
Researchers found that the authors of the Dridex banking Trojan also created a malware called BitPaymer, also known as FriedEx ransomware. The two malware families share many similarities in code and evasion techniques, and also use the same malware packer.
Top Vulnerabilities Reported in the Last 24 Hours
Windows emergency patch
Microsoft issued an emergency out-of-band Windows update that would disable mitigation against variant 2 (CVE-2017-5715) of the Spectre hardware flaw in Intel processors. The patch, dubbed KB4078130, is used to mitigate Spectre variant 2.
Microsoft took the step after Intel announced that its updates may cause rebooting issues.
Vulnerabilities in Fitness app Strava
The heatmap shared by the Strava fitness app has ended up revealing secret military bases of the US and other countries. Besides US bases, the heatmap also reveals Russian military bases, bases in Afghanistan, and Turkish patrols north of Manbij in northern Syria.
Lenovo's Fingerprint Manager Pro flaw
A hardcoded password flaw has been detected impacting ThinkPad, ThinkCentre, and ThinkStation laptops. However, Windows 10 users needn't worry as this flaw doesn't affect them. A fix has already been released for this flaw.
Top Breaches Reported in the Last 24 Hours
Netherlands DDoS cyber attacks
Various banks in the Netherlands, along with the national tax office, went offline for a while after being targeted by DDoS attacks. Banks such as ABN Amro, Rabobank and ING had their official websites disrupted for 5-10 minutes.
phpBB download links compromised
Download links for the phpBB forum software have been compromised by unknown hackers. The compromised URLs were those for the phpBB 3.2.2 full package and the phpBB 3.2.1 -> 3.2.2 automatic updater. Links to the malicious files have already been removed by phpBB, and the currently available downloads are safe for use.