
Cyware Daily Threat Intelligence


Daily Threat Briefing Sep 21, 2017

Top Malware Reported in the Last 24 Hours

Security camera malware
In a recent discovery, hackers have turned a security camera into a spying tool using malware and infrared light. The technique, called aIR-Jumper, is used to infiltrate or exfiltrate data and steal passwords. The method can also be used to manipulate LED doorbells, because they detect IR light.

GlobeImposter malware
GlobeImposter is a troublesome ransomware that has earned the distinction of being the second most impactful malware of 2017. The primary reason is that it was distributed using malspam campaigns, exploit kits, and malvertising. Users should therefore keep their devices updated and back up all their data.

Fake voicemail notifications
Hackers are getting cleverer by the day and are adopting newer malware distribution methods. Recently, cybercriminals have been found sending fake voicemail notification emails to targeted victims with a malicious attachment that ultimately drops the Locky ransomware. Users are advised not to open unknown or suspicious email attachments.

Top Vulnerabilities Reported in the Last 24 Hours

Cisco's SMI switches
Several researchers are highlighting the dangers associated with Cisco's SMI switches, which are operating online in large numbers. The faulty SMI allows an attacker to take complete control over the configuration of the target switch. This sharply raises the possibility of information disclosure.

Unpatched HVAC systems
Researchers have recently discovered that heating, ventilation, and air conditioning (HVAC) systems can be used to bridge air-gapped networks, allowing attackers to send malicious commands and target the system. Old bugs in unpatched HVAC systems are the cause of the attacks. Users are advised to keep their HVAC systems patched.

Microsoft's mixed-language flaw
Several users complained about a mixed-language display in Outlook 2007's user interface after the September Public Update. To address the flaw, Microsoft has now released a fix known as KB 4011110 for the issue dubbed KB 4011086.

Top Breaches Reported in the Last 24 Hours

Cryptocurrency miners
It has been reported that attackers are spreading cryptocurrency miners through content management systems (CMS). In doing so, the hackers are targeting industries across various sectors, including manufacturing, finance, retail, IT and communications. The cybercriminals are using many innovative methods to exploit the systems. The first set of victims are CMS platforms like WordPress, Joomla and JBoss server.

SEC hacked
Recently, the trading regulator revealed that hackers had breached its system for storing documents filed by publicly traded companies in 2016. The hackers laughed their way to the bank by illegally profiting from the secret information. The agency's cybersecurity risk profile showed signs of a faulty filing system, attributed to the EDGAR filing system.
