Cyber alerts

15 results

March 2018

Published Thursday 22 March 2018 (12:00) (updated 19 January 2022)

Cryptocurrency Miner Distributed via Weathermap Plugin

A cryptocurrency miner has been distributed via a PHP tool exploiting a vulnerability in the Weathermap network monitoring tool.

CC-2150 Medium

Published Thursday 22 March 2018 (12:00) (updated 17 February 2020)

Qrypter MaaS Remote Access Trojan

A new Java-based remote access trojan (RAT), known as Qrypter, has been observed.

CC-2164 Medium

Published Thursday 22 March 2018 (12:00) (updated 17 February 2020)

RoyalCLI and RoyalDNS Backdoors

The Chinese Advanced Persistent Threat group APT15 has been found responsible for compromising a UK government contractor using two new backdoors , RoyalCLI and RoyalDNS , during 2016/17.

CC-2137 Medium

Published Thursday 15 March 2018 (12:00) (updated 17 February 2020)

RedisWannaMine Cryptomining Worm

A new cryptocurrency mining worm has been observed targeting servers using the Redis data structure store. Named RedisWannaMine, it also uses the EternalBlue SMB exploit to propagate.

CC-2142 Medium

Published Thursday 15 March 2018 (12:00) (updated 17 February 2020)

FinFisher Trojan

The spyware FinFisher (also known as FinSpy), is capable of surveillance through webcams and microphones, keylogging and exfiltration of data on an infected device.

CC-2139 Medium

Published Thursday 15 March 2018 (12:00) (updated 11 January 2022)

FlawedAmmyy RAT

FlawedAmmyy remote access trojan (RAT) has been created from the leaked source code for version three of Ammyy Admin remote desktop software.

CC-2018 Medium

Published Wednesday 14 March 2018 (12:00) (updated 17 February 2020)

GandCrab Ransomware

First observed in January 2017, GandCrab is a ransomware tool delivered by a number of exploit kits including RIG and GrandSoft, as well as by the Necurs botnet.

CC-2120 Medium

Published Friday 9 March 2018 (12:00) (updated 17 February 2020)

PHP Malware Disguised as IonCube Scripts

Malware has been observed that has been disguised to appear almost identical to legitimate scripts produced by the ionCube PHP encoder.

CC-2075 Medium

Published Thursday 8 March 2018 (12:00) (updated 17 February 2020)

Mdrop Trojan

Mdrop is a trojan that installs other malware onto a target system. Variants have been observed since 2008.

CC-2119 Medium

Published Thursday 8 March 2018 (12:00) (updated 17 February 2020)

Quasar RAT

Quasar is a remote access trojan (RAT) which uses Rich Text Format (RTF) documents to spread malware. The malicious documents are Excel spreadsheets which include a macro.