Check Point World Threat List July 2019

Check Point Research, the research division of Check Point® Software Technologies Ltd., has released its latest Global Threat Index for July 2019.

The research team warns organizations about a new vulnerability discovered in the OpenDreamBox 2.0.0 WebAdmin Plugin that affected 32% of organizations worldwide in July.

This particular vulnerability, which was ranked as the eighth most frequently exploited vulnerability, allows attackers to execute commands remotely on target systems. The exploit for the vulnerability was triggered alongside other attacks that targeted IoT devices, more specifically alongside the MVPower DVR Remote Code Execution (the third most popular exploited vulnerability in July). This particular exploit is also known to be associated with the infamous Mirai botnet.

Cryptoloot use also declined sharply during July, ranking 10th in the list of the most widespread malware, while in June it was third.

“Malicious actors try to exploit new vulnerabilities as soon as they appear, before organizations can fix them. The OpenDreamBox vulnerability is no exception. However, the fact that almost a third of organizations worldwide have been affected is surprising. This particular fact highlights the importance of the rapid correction of such vulnerabilities for the of businesses,” said Maya Horowitz, Director of Threat Intelligence and Research at Check Point.

 

“The sharp decline in the use of Cryptoloot is also of interest. This software had dominated for the last one and a half years and was the second most common variant of malware observed in the first half of 2019, affecting 7.2% of organizations worldwide. We believe the decline is linked to its main competitor, Coinhive, which stopped operating earlier in 2019. Cybercriminals rely on alternative malicious cryptomining software such as XMRig and Jsecoin.”
 
Check Point: 3 most prevalent malware threats in July 2019:

* The arrows indicate the change in rank relative to the previous month.

XMRig is at the top of the list, affecting 7% of organizations worldwide. Jsecoin and Dorkbot followed, affecting 6% of organizations globally.

1. ↔ XMRig - XMRig is open-source CPU mining software used to mine the Monero cryptocurrency. It was first launched in May 2017.
2. ↔ Jsecoin - JavaScript mining software that can be embedded in websites. With JSEcoin, you can run the mining software directly in your browser in exchange for an ad-free browsing experience, game currencies and other incentives.
3. ↑ Dorkbot - IRC-based worm designed to allow remote execution of code by its operator, as well as the download of additional malicious software to the infected system, with the primary purpose of stealing sensitive information and performing denial-of-service attacks.

Check Point: 3 most prevalent mobile malware threats in July 2019:

During July, Lotoor was the most widespread malware on mobile, followed by AndroidBauts and Piom - two new malware families appearing on the list for the first time.

1. Lotoor - A hacking tool that exploits vulnerabilities in the Android operating system to gain full access rights (root) on compromised mobile devices.
2. AndroidBauts - Adware that targets Android users. The software erases the device's IMEI, IMSI, GPS location and other information and enables third-party applications on the device.
3. Piom - Adware that monitors the user's browsing behavior and distributes unwanted ads based on the user's activity.
 
Check Point: 3 vulnerabilities 'most frequently exploited' in July 2019

In June, SQL Injections continued to top the list, affecting 46% of organizations worldwide. The OpenSSL TLS DTLS Heartbeat Information Disclosure vulnerability came in second, affecting 41% of organizations worldwide, closely followed by the MVPower DVR Remote Code Execution with an impact on 40% of organizations worldwide.

1. ↔ SQL Injection (various techniques) - The insertion of an SQL query into the data a client supplies to an application, exploiting a vulnerability in that application's code.
2. ↔ OpenSSL TLS DTLS Heartbeat Information Disclosure (CVE-2014-0160; CVE-2014-0346) - An information disclosure vulnerability in OpenSSL, in its handling of TLS/DTLS heartbeat packets.
3. ↑ MVPower DVR Remote Code Execution - A remote code execution vulnerability exists in MVPower DVR devices. A remote attacker can exploit this flaw to execute arbitrary code on the affected router via a crafted request.

* You can find the full list of the 10 most common malware threats worldwide here.

____________________

Written by newsbot