Cyware Daily Threat Intelligence

Daily Threat Briefing • May 9, 2018
Top Malware Reported in the Last 24 Hours
Maikspy spyware
Security researchers have discovered a new variant of the Maikspy spyware that steals users' private data. The malware is spreading in the form of an online game named Virtual Girlfriend. Hackers lure victims into clicking on malicious shortened URLs. The game was found being promoted by various Twitter handles.
Fake antivirus
Researchers have discovered a fake antivirus (AV) app called Android's Antivirus that steals the detections of other well-known AVs. The fake antivirus successfully duped Google Play and is available for download. Users are advised to be extra cautious when choosing an antivirus for their mobile devices.
Top Vulnerabilities Reported in the Last 24 Hours
Vulnerability in Device Guard
Cumulative updates have been released for all versions of Windows 10 and Windows Server, and they include the fix for a bypass vulnerability found in Device Guard. The vulnerability notably affects devices in Windows 10 S locked-down mode. To stay safe, users are advised to serve only specific and defined file types, and to grant access only to trusted and accountable users.
New kernel update
A kernel update has been released for Red Hat Enterprise Linux 6 that fixes several denial-of-service and use-after-free vulnerabilities tracked as CVE-2017-1000410, CVE-2017-13166, CVE-2017-18017, CVE-2017-7645, CVE-2017-8824, and CVE-2018-8897. Users are advised to update their kernel packages and reboot their systems to stay safe.
Adobe patches critical flaws
Adobe has fixed several critical vulnerabilities as part of its May Security Bulletin. Of these flaws, five important ones span Creative Cloud, Adobe Flash Player, and Adobe Connect. None of these flaws has been exploited in the wild.