Cyware Daily Threat Intelligence

Daily Threat Briefing • Jun 8, 2018
Top Malware Reported in the Last 24 Hours
BabaYaga malware
A malware strain has been discovered targeting WordPress sites with a self-preservation technique. Dubbed BabaYaga, this malware can also infect Joomla and Drupal sites, or even generic PHP sites. The malware injects sites with special keywords to redirect users to affiliate marketing links.
RedEye ransomware
A new ransomware, dubbed RedEye, has been discovered. Unlike other ransomware, which encrypts victims' files and holds them for ransom, RedEye was found deleting files. After infecting a system, the ransomware displays a note informing victims that their files have been encrypted using AES256. Victims are asked to access a .onion website and pay 0.1 Bitcoins to a specified address.
Invisimole cyber espionage malware
A powerful and highly targeted malware, named Invisimole, has been discovered. The malware can create a backdoor and give hackers a total view of the computer's activities. It was first picked up in May on computers based in Russia and Ukraine.
Top Vulnerabilities Reported in the Last 24 Hours
Adobe fixes the zero-day flaw
Security updates have been released by Adobe to fix a zero-day vulnerability (CVE-2018-5002) in Flash Player for Windows, macOS, Linux and Chrome OS. The flaw affects Adobe Flash Player 29.0.0.171 and earlier versions. Users are advised to update their Flash versions to 30.0.0.113.
Mozilla addresses multiple flaws
Multiple vulnerabilities in Firefox and Firefox ESR have been patched by Mozilla. A remote attacker could exploit these vulnerabilities to take control of an affected system. Users are advised to update to versions Firefox 60.0.2, Firefox ESR 52.8.1, or Firefox ESR 60.0.2.
Red Hat fixes issues
An update for java-1.7.1-ibm has been released by Red Hat for Red Hat Satellite 5.6 and Red Hat Satellite 5.7. The update addresses several flaws including insufficient validation of the invoke interface instruction, insecure handling, and use of global credentials. Users are advised to restart their systems after installing the updates.