Cookie Settings

This website uses cookies and similar technologies to provide essential functionality and improve your experience. Some features, such as demo scheduling and chat support, require marketing cookies to function. By clicking "Accept All", you consent to all cookies. Alternatively, you can customize your preferences, but note that declining marketing cookies will limit certain website features.

Cyware Daily Threat Intelligence

Cyware Daily Threat Intelligence May 18, 2018 - Featured Image

Daily Threat Briefing May 18, 2018

Top Malware Reported in the Last 24 Hours

Nethammer attack
After Throwhammer, researchers have now demonstrated a second network-based remote technique named Nethammer. The attack can be used on systems that use uncached memory or flush instructions while handling network requests. This can help attackers to execute arbitary code on the targeted systems by rapidly writing and rewriting memory used for packet processing.

MEWKit phishing attack
A criminal group has developed a new sophisticated scheme to hijack Ethereum wallets. Dubbed as MEWKit, the phishing campaign mimics the MyEtherWallet site with an intention to steal credentials and later uses it to transfer funds without the knowledge of users. The back end of MEWKit allows the attackers to monitor the amount of Ethereum collected and keep a record of private user keys and passwords which can be used for further attacks.

Dharma ransomware variant
A new variant of Dharma/Crysis ransomware has been discovered to use the .Bip extension. The new variant is propagated via spam emails. Upon installation, it encrypts the files on victims' computer and later appends them with .Bip extension. This is done to extort victims to pay in Bitcoin for their encrypted files.

Top Breaches Reported in the Last 24 Hours

LocationSmart leaks location
LocationSmart, a US-based company that accumulates real-time data about the location of mobile phone devices, has been leaking information due to a buggy component on its website. The bug revealed the location of users using AT&T, Sprint, T-Mobile and Verizon phones.

Data breach at L.A. County
A misconfigured Amazon web server at a nonprofit organization that operates Los Angeles County's social service hotline, has resulted in the exposure of personal information of its customer. The leaked data includes names, email addresses & passwords of users operating the 211 system. It also includes records of 3.5 million calls and 33,000 Social Security numbers.

CBC's data compromised
Around 20,000 people including employees might have been affected by a data breach that took place at CBC (Canadian Broadcasting Corporation). The breach occurred when an intruder broke into a secure area of CBC and stole a piece of computer equipment. Though the stolen equipment was password-protected, it is believed that the system contained electronic files including some financial information.

Related Threat Briefings