
Cyware Daily Threat Intelligence


Daily Threat Briefing Nov 15, 2017

Top Malware Reported in the Last 24 Hours

POS Alina malware
Security researchers recently detected infections at a significant number of bars and restaurants in the United States, whose POS terminals were attacked by two variants of the credit card theft malware Alina. The variants are Epson.exe and Wnhelp.exe. The attackers steal customers' financial details and abuse them for their own ends.

CryptoMix ransomware
Security researchers have found a new variant, XZZX, of the notorious CryptoMix ransomware. The new strain appends the extension .XZZX to the encrypted files. However, the encryption methods are unchanged.

OnePlus EngineerMode backdoor
Security researchers recently found the EngineerMode backdoor. EngineerMode was designed to diagnose issues with GPS, check the root status of the device, perform specific tests and much more. However, hackers can abuse this app to gain entry into the device.

Top Breaches Reported in the Last 24 Hours

Forever 21 breached
Fashion retailer Forever 21 is investigating a potential data breach that may have compromised customer information and payment cards. Customers who shopped in store from March 2017 through October 2017 may be affected. Customers are therefore advised to keep an eye on their cards and make their banks aware of any unauthorized activity.

Neo-Nazi sites taken down
The hacktivist collective Anonymous has claimed responsibility for taking down over a dozen neo-Nazi sites, including cnkkk[dot]net, texaskkk[dot]com, vanguardamerica[dot]online and whitehonor[dot]com. These attacks are part of the ongoing #OpDomesticTerrorism campaign.

DXC Technologies data leak
An employee of DXC Technologies accidentally uploaded the firm's private AWS key to a public GitHub repo. Hackers used the exposed key to start 244 AWS virtual machines and bill the firm for $64,000.
