Cookie Settings

This website uses cookies and similar technologies to provide essential functionality and improve your experience. Some features, such as demo scheduling and chat support, require marketing cookies to function. By clicking "Accept All", you consent to all cookies. Alternatively, you can customize your preferences, but note that declining marketing cookies will limit certain website features.

Cyware Daily Threat Intelligence

Cyware Daily Threat Intelligence July 02, 2018 - Featured Image

Daily Threat Briefing Jun 11, 2018

Top Malware Reported in the Last 24 Hours

Bug found in Android devices
Over 15,600 android devices have been found to be shipped with their debug port open to remote connections. The bug can allow anybody, without any password, to remotely access the affected device as 'root' and then silently install software & execute malicious functions. Additionally, the bug also exploits the Android Debug Bridge (ADB), a feature that is used for troubleshooting on Android devices. Thus, in order to stay safe, customers should check if their vendor has left the ADB interface enabled on their devices. They must disable the interface by going to the settings menu of Android OS.

Malware attack on Career @Gov
The online job portal based in Singapore, Career@Gov, could have had their information compromised due to a malware infection that was found to have hit an outsource Australian-based vendor, PageUp. The users of the site have been notified about the malware breach. Also, they have been asked to change their username and password as an added security measure.

Top Vulnerabilities Reported in the Last 24 Hours

Vulnerabilities in Supermicro servers
Security researchers have uncovered vulnerabilities in the Supermicro server firmware that can only be exploited via malicious software already running on a system. These vulnerabilities can allow hackers to obtain access to systems, steal sensitive data and manipulate the way the systems operate. To defend against these attacks, organizations are advised to update the firmware with the latest version.

One Plus 6 flaw
A vulnerability has been discovered in the OnePlus 6 that can allow attackers to bypass the locked bootloader with any modified boot image. In order to exploit the flaw, the hacker needs to have a physical access to the phone, a USB cable, and a computer. They would then plug the phone into a computer, restart the phone into fastboot mode and then transfer any arbitrary or modified boot image. A patch is expected to release soon in the market until then the users must stay vigilant with their OnePlus 6.

Related Threat Briefings