Cyware Daily Threat Intelligence

Daily Threat Briefing • Jul 6, 2018
Top Malware Reported in the Last 24 Hours
**Cryptomining malware infects Linux servers**
Security researchers have uncovered new malware that infects Linux-based servers with a cryptocurrency miner. The miner, named YiluzhuanqianSerd, has been designed to steal funds and transfer them to a scam website operated by Chinese hackers. The malware tricks users into installing the miner using social engineering. The miner steals Monero and Ethereum.
**Israeli soldiers attacked using malware-infested apps**
Israeli soldiers were reportedly targeted by Hamas hackers in a honeypot campaign. The hackers allegedly used fake social media profiles to engage with Israeli soldiers in an attempt to obtain sensitive information. The hackers tricked the victims into downloading malicious apps. The malware would then steal data from the infected device, take photos and conduct more espionage activities.
**Thermanator Attack**
Security researchers have discovered that sensitive information can be stolen via a new attack method that involves reading the thermal residue on keyboards. The attack requires a thermal camera, which can be used by even the most novice attacker, to read the thermal fingerprints left on a targeted device's keyboard.
Top Vulnerabilities Reported in the Last 24 Hours
**Ubuntu vulnerabilities**
Multiple vulnerabilities have been detected and fixed in the Linux kernel. Successful exploitation of these vulnerabilities could allow hackers to exfiltrate sensitive information and cause denial of service (DoS), even leading to a complete system crash. The flaws can be fixed by updating live patches. It is highly recommended that users upgrade their kernel version to the latest security update.
**Debian Xen vulnerabilities**
The Xen hypervisor was identified as having multiple vulnerabilities which, if exploited, could allow hackers to destroy multiple operating systems on a system. The vulnerabilities can also allow attackers to cause DoS conditions. Patches are available for this issue. Users are advised to update to the latest, fixed version.