Cyware Daily Threat Intelligence

Daily Threat Briefing Oct 31, 2018

Top Malware Reported in the Last 24 Hours

SamSam ransomware

Security experts discovered that the SamSam ransomware has infected 67 organizations across the globe in 2018. Of the 67 organizations targeted, over 80 percent are located in the US. The ransomware also targeted a small number of organizations in Portugal, France, Australia, Ireland, and Israel. Unlike other ransomware variants, SamSam attacks begin with a remote desktop protocol (RDP) compromise, either via brute-force attacks on networks or by using stolen credentials.

CommonRansom

Security researchers have discovered a unique ransomware called CommonRansom. Apart from demanding a Bitcoin ransom, the malware also demands remote desktop protocol (RDP) access and admin credentials. Although the ransomware is still not considered to be a major threat, the Bitcoin address linked to it has seen some activity. 65 bitcoins were transferred out of this bitcoin address and sent to another account that has received funds from over 11,000 other bitcoin addresses.

Top Breaches Reported in the Last 24 Hours

Eurostar

Eurostar recently detected an intrusion attempt, which prompted them to reset the passwords for all user accounts. The breach involved hackers using users' email and passwords to infiltrate systems. The malicious activity was recorded between October 15 and 19. It is still uncertain whether the attack led to any loss of data.

PredPol

The predictive policing tool, PredPol, accidentally exposed information regarding 17 communities and police departments that it is working with. According to researchers, PredPol assigns easy-to-guess subdomains to each PredPol customer. The subdomains are login portals for police officers. These subdomains were found to be associated with American cities, which suggests that PredPol has likely been quietly implemented in police departments across the US.
