Cyware Daily Threat Intelligence

Daily Threat Briefing • Sep 26, 2017
This website uses cookies and similar technologies to provide essential functionality and improve your experience. Some features, such as demo scheduling and chat support, require marketing cookies to function. By clicking "Accept All", you consent to all cookies. Alternatively, you can customize your preferences, but note that declining marketing cookies will limit certain website features.
Daily Threat Briefing • Sep 26, 2017
Top Malware Reported in the Last 24 Hours
CCleaner hack
Recently, hackers released infected versions-CCleaner 5.33.6162 and CCleaner Cloud 1.07.3191-between August 15 and Sept 12. Two servers used by the hackers were seized by Avast--which owns the software optimization tool for Windows. Soon after the analysis of the data, it has been said the hackers were after corporate data of tech and telecom companies
Monero miner
Showtime[dot]com and its instant-streaming site ShowtimeAnytime[dot]com have been found to be leveraging browsers to mine for Monero coins. Monero is considered to be a knock-off of Bitcoin. The resource hogging app used about 60 percent of CPU on computers visiting the sites.
Top Vulnerabilities Reported in the Last 24 Hours
Joomla vulnerability
The popular content management system (CMS) was plagued with bugs from some time now. But fortunately, it has now released a new update which fixes the serious security issue in its Lightweight Directory Access Protocol (LDAP) and authentication plugin along with two other security issues. Users are advised to quickly upgrade the CMS to avoid unwarranted cyberattacks.
iTerm2 flaw
The popular command-based Mac app iTerm is now considered as a replacement for Apple's official Terminal app. Unfortunately, it was found to be flawed recently where the app used inaccurate matching algorithms. Users are advised to update their apps as soon as possible.
macOS High Sierra flaw
The vulnerability in the recently-launched High Sierra is discovered to have a vulnerability. Not just this, the earlier versions of macOS and OS X are also known to have the flaw which allows rogue applications to steal plaintext passwords stored in the Mac keychain. Users are warned against installing third-party or unsigned apps, or from non-trusted developers.