Cyware Daily Threat Intelligence

Daily Threat Briefing • Jul 12, 2018
Top Malware Reported in the Last 24 Hours
**YiluzhuanqianSerd malware**
YiluzhuanqianSerd is a Linux-based malware that infects Linux systems and IoT devices with a cryptocurrency miner. The malware scans for open SSH ports and for connected devices with an exploitable remote desktop protocol (RDP) port. The cryptominer that YiluzhuanqianSerd drops transfers mined funds to a Chinese scam website.
**OSX.Dummy malware**
The OSX.Dummy malware is distributed by operators posing as administrators, moderators and key figures in the cryptocurrency community. The macOS malware targets cryptocurrency investors and opens a backdoor on infected systems. In this campaign, the malware was spread to the cryptocurrency community via Slack and Discord.
Top Vulnerabilities Reported in the Last 24 Hours
**New Spectre vulnerabilities**
Security researchers have discovered two new Spectre vulnerabilities, Spectre 1.1 and Spectre 1.2. The former leverages speculative stores to create buffer overflows and affects billions of devices powered by modern processors, including Intel and AMD CPUs. Spectre 1.2 affects only CPUs that do not enforce read/write protections on memory and instead rely on lazy PTE enforcement.
**Cisco IP Phone and StarOS flaws**
Two new Cisco vulnerabilities were disclosed: an IP Phone firmware bug and a StarOS flaw. The Cisco IP Phone flaw could allow an authenticated, remote attacker to perform command injection and execute commands with the privileges of the web server. The Cisco StarOS bug could allow remote attackers to cause a denial of service (DoS) condition.
**IBM privilege escalation vulnerabilities**
IBM's DB2 was found to contain multiple vulnerabilities. The first stems from the way affected systems invoke the tool with elevated privileges. The flaws could allow attackers to execute arbitrary code and escalate privileges.
Top Breaches Reported in the Last 24 Hours
**Bancor breach**
The cryptocurrency conversion platform Bancor was hit by hackers, and over $13.5 million worth of tokens were stolen. The attackers made off with $12.5 million in Ether, $1 million in Pundi X's NPXS token and $10 million in Bancor's BNT. However, the Israeli firm said that no user wallets were compromised. The Bancor site was taken down following the attack.
**VSDC hack**
The website of VSDC, a popular provider of audio and video editing and conversion software, was hacked. The site was attacked three times: on June 18, July 2, and July 6. During the attacks, the hackers replaced the download links on the VSDC website with links that redirected users to malicious sites serving three different malware strains.