Cyware Daily Threat Intelligence

Daily Threat Briefing Oct 25, 2018

Top Malware Reported in the Last 24 Hours

SearchAwesome

A newly discovered Mac malware dubbed OSX.SearchAwesome is capable of injecting malicious scripts, keylogging, and cryptomining. The malware, which comes bundled in a fake app called spinstall, can intercept encrypted web traffic to serve up ads. It can also install tools that allow attackers to conduct man-in-the-middle attacks. In addition, the Mac adware can connect to a malicious website to download additional malware, siphon off sensitive data, and capture browsing data.

Chalubo

Chalubo is a recently discovered Linux malware that has been targeting Internet-facing SSH servers on Linux-based systems, as well as IoT systems. The IoT malware contains obfuscation features and borrows code from the Mirai and Xor.DDoS botnets.

Malware campaign

A new malware campaign has been spotted targeting victims in Brazil. The phishing campaign drops banking malware on targeted victims, and the malware activates only when it detects Portuguese as the language. The malware abuses two legitimate Windows files that manage certificates for the Windows operating system.

Top Breaches Reported in the Last 24 Hours

Cathay Pacific

Hong Kong-based airline Cathay Pacific suffered a massive data breach that compromised the data of around 9.4 million customers. The firm discovered that the data was stolen by hackers. The stolen data includes passengers' names, nationality, dates of birth, phone numbers, email, addresses, passport numbers, identity card numbers, frequent flyer program membership numbers, customer service remarks, and travel histories.

US Democratic Party data leaked

Rice Consulting, a consulting firm handling political fundraisers for the Democratic Party, accidentally exposed corporate and customer data. The leaked data included databases storing voter records, which were stored on an unsecured network-attached storage (NAS) device. The misconfigured NAS server contained detailed information on Rice Consulting clients, including in-depth details on thousands of past fundraisers. Exposed information included names, phones, emails, addresses, contracts, meeting notes, and more.