Check Point World Threat List July 2019

Check Point Research, the research division of Check Point® Software Technologies Ltd., released its latest Global Threat List for July 2019.

The research team warns organizations about a new vulnerability discovered in the OpenDreamBox 2.0.0 WebAdmin Plugin that affected 32% of organizations worldwide in July.

This vulnerability, ranked eighth among the most commonly exploited vulnerabilities, allows attackers to execute commands remotely on target machines. The exploit was triggered alongside other attacks targeting IoT devices, in particular MVPower DVR Remote Code Execution (the third most popular exploited vulnerability in July), which is also known to be associated with the infamous Mirai botnet.

During July the use of Cryptoloot also dropped drastically: it fell to tenth place on the list of the most prevalent malware, while in June it was in third place.

"Malicious actors try to exploit new vulnerabilities as soon as they appear, before the organizations can fix them. The OpenDreamBox vulnerability is no exception. However, the fact that almost one-third of organizations worldwide are affected is surprising. This fact highlights the importance of quickly correcting such security concerns for businesses," said Maya Horowitz, Director of Check Point Information and Threat Research.

 

"The sharp decline in the use of Cryptoloot is also of interest. This software had dominated the last one and a half years and was the second most common variant of malware observed in the first half of 2019, affecting 7.2% of organizations worldwide. We believe the decline is linked to its main competitor, Coinhive, which stopped operating earlier in 2019. Cybercriminals rely on alternative malicious cryptomining software such as XMRig and Jsecoin."
 
Check Point: 3 most prevalent malware threats in July 2019:

* The arrows indicate the change in rank relative to the previous month.

XMRig is at the top of the list, affecting 7% of organizations worldwide. Jsecoin and Dorkbot followed, affecting 6% of organizations globally.

1. ↔ XMRig – XMRig is open-source CPU mining software used to mine the Monero cryptocurrency, first seen in circulation in May 2017.
2. ↔ Jsecoin - JavaScript mining software that can be embedded in websites. With JSEcoin, you can run the mining software directly on your browser in exchange for an ad-free browsing experience, game currencies and other incentives.
3. ↑ Dorkbot - Worm based on IRC, designed to allow remote execution of code by its operator, as well as downloading additional malicious software to the infected system, with the primary purpose of stealing sensitive information and performing denial of service attacks.

Check Point: 3 Most Popular Mobile Malware Threats in July 2019:

During July, Lotoor was the most widespread malware on mobile, followed by AndroidBauts and Piom - two new malware families appearing on the list for the first time.

1. Lotoor – A hacking tool that exploits vulnerabilities in the Android operating system to gain full access rights (root) on compromised mobile devices.
2. AndroidBauts – Malware that targets Android users. The software exfiltrates the IMEI, IMSI, GPS location and other device information, and allows the installation of third-party applications on the device.
3. Piom - This is Adware that monitors the user's browsing behavior and distributes unwanted ads based on the user's activity.
 
Check Point: 3 vulnerabilities 'most frequently exploited' in July 2019

In June SQL Injection techniques continued to top the relevant list, affecting 46% of organizations worldwide. The OpenSSL TLS DTLS Heartbeat Information Disclosure vulnerability came in second place affecting 41% of organizations worldwide, closely followed by MVPower DVR Code Execution impacting 40% of organizations worldwide.

1. ↔ SQL Injection (various techniques) – Inserting an SQL query into the input supplied to an application, thereby exploiting a vulnerability that exists in the code of that application.
2. ↔ OpenSSL TLS DTLS Heartbeat Information Disclosure (CVE-2014-0160; CVE-2014-0346) – An information disclosure vulnerability in OpenSSL, in its handling of TLS/DTLS heartbeat packets.
3. ↑ MVPower DVR Remote Code Execution - A remote code execution vulnerability exists in MVPower DVR devices. A remote attacker can exploit this flaw and execute arbitrary code on the affected router via a crafted request.

* The full list of the 10 most common malware threats worldwide can be found here.

____________________


Written by newsbot
