Cyware Daily Threat Intelligence

Daily Threat Briefing Oct 24, 2017

Top Malware Reported in the Last 24 Hours

LokiBot Trojan
LokiBot, a newly discovered Android banking Trojan, turns into ransomware and locks users' phones when they try to remove it. It shows fake login screens on top of popular apps. LokiBot targets both banking and non-banking apps. The malware works on Android 4.0 and higher.

Magniber ransomware
A new ransomware distributed by the Magnitude exploit kit was recently found. Reports from the last couple of days indicate that this ransomware has primarily targeted South Korea via malvertisements on attacker-owned domains.

Top Vulnerabilities Reported in the Last 24 Hours

Sarahah flaw
The popular feedback app has been found to be plagued with security flaws. These flaws make the app vulnerable to attacks and can allow cybercriminals to bypass the app's Cross-Site Request Forgery (CSRF) protections. Users are still waiting for an update from the app maker.

Cryptographic cloning
Several thousand smart cards used by banks and large corporations have been found vulnerable to ROCA. Gemalto IDPrime .NET smartcards are among the affected cards. The vulnerability was discovered in a widely used code library developed by Infineon.

Top Breaches Reported in the Last 24 Hours

Internet Registry breached
The Asia-Pacific Network Information Center (APNIC), the Regional Internet Registry administering IP addresses for the Asia-Pacific, has suffered a data breach. The slip-up happened in its WHOIS database, where the config leaked credentials, including weakly hashed passwords.

Clinic data breach
Cybercriminals have penetrated the database of London Bridge Plastic Surgery (LBPS) and stolen photos, names and other details belonging to patients, including a few celebrities. The infamous hacker group The Dark Overlord is reported to be behind the attack.
