Cyware Daily Threat Intelligence

Daily Threat Briefing Mar 22, 2018

Top Malware Reported in the Last 24 Hours

Qrypter backdoor
A new RAT, dubbed Qrypter, is being touted as a major competitor to existing cross-platform backdoors. This Malware-as-a-Service (MaaS) platform is being used by hackers to inject the tool into victims' systems using phishing emails. Once installed, the tool can manipulate file systems, install additional files, control the Task Manager and gain access to the PC's webcam.

TeleRAT
TeleRAT, a new Android Trojan, is spreading through third-party Android app stores, disguised as legitimate apps. The Trojan uses the Telegram Bot API to communicate with the command and control (C&C) server and to exfiltrate data. TeleRAT is able to receive and carry out a range of commands and gain access to sensitive information.

Zenis ransomware
Hackers are warning victims of Zenis ransomware to pay the ransom or risk losing their infected files forever. The ransomware uses a customized encryption method to encrypt the files on the infected machine. The method of distribution is not yet known, though there is a possibility of it spreading through remote desktop services.

Top Vulnerabilities Reported in the Last 24 Hours

64-bit pool memory disclosure flaw
A memory disclosure vulnerability was found in the Microsoft Windows kernel that can be exploited via REG_RESOURCE_REQUIREMENTS_LIST registry values. Attackers can exploit this flaw to obtain information which can be used to compromise a victim's system.

Siemens fixes multiple flaws
Siemens has released security updates for its mobile app that fix several vulnerabilities, including a denial-of-service (DoS) vulnerability that affects the SIMATIC controllers. The flaw is tracked as CVE-2018-4843 and can be exploited by sending specially crafted PROFINET DCP packets to the target systems.
