Cyware Daily Threat Intelligence

Daily Threat Briefing • Jul 16, 2018
Top Malware Reported in the Last 24 Hours
**New X-Agent variant**
Security researchers have uncovered a new variant of the X-Agent malware. The previous variant was Mac malware; the new version, however, affects Windows systems. X-Agent is the work of APT28, which is tied to the Russian intelligence service (GRU). The new variant is written in Delphi and is capable of downloading a second-stage payload from the internet and executing it.
**Compromised JavaScript delivers cryptominer**
Security researchers have discovered a compromised JavaScript file that contains additional code to deliver cryptomining malware. Although the same extra code is also used on numerous other websites, no other malicious incidents were observed.
**DanaBot malware targets Australia**
A new campaign that leverages compromised FTP servers to distribute phishing emails containing FTP links has been found targeting Australia with fake MYOB invoices. The FTP links drop the DanaBot banking malware, which has recently been observed in multiple campaigns specifically targeting Australians.
Top Vulnerabilities Reported in the Last 24 Hours
**Linux Kernel Image flaws**
A vulnerability was discovered in the fs/f2fs/inode.c source code file of the Linux kernel. The flaw could allow hackers to cause a denial of service (DoS) condition. The bug could be exploited by mounting and performing operations on a modified F2FS image on a targeted system. Users are advised to update to the latest firmware version of the software to fix the issue.
**cURL buffer overflow bug**
Security researchers have uncovered a high-severity flaw in the Curl_smtp_escape_eob function of cURL. The heap-based buffer overflow flaw could allow attackers to remotely execute arbitrary code and cause a denial of service (DoS) condition. Patches are available for this flaw. It is highly recommended that users update to the latest version of curl.
**Libgit2 Integer overflow bug**
A bug was discovered in the git_delta_apply function of libgit2, which causes an integer overflow condition. The flaw could allow hackers to bypass bounds checks, which, in turn, could allow them to cause a denial of service (DoS) condition and access sensitive data. Users are advised to update to the latest version.