Check Point World Threat List July 2019

Check Point Research, the research division of Check Point® Software Technologies Ltd., released its latest Global Threat List for July 2019.

The research team warns organizations about a new vulnerability discovered in the OpenDreamBox 2.0.0 WebAdmin Plugin that affected 32% of organizations worldwide in July.

This particular vulnerability, ranked eighth among the most commonly exploited vulnerabilities, allows attackers to execute remote commands on target machines. The exploit was triggered alongside other attacks targeting IoT devices, most notably the MVPower DVR Remote Code Execution vulnerability (the third most exploited vulnerability in July). It is also known to be associated with the infamous Mirai botnet.

Use of Cryptoloot also declined sharply in July: it ranked 10th on the list of the most widespread malware, down from third in June.

"Malicious actors try to exploit new vulnerabilities as soon as they appear, before the organizations can fix them. The OpenDreamBox vulnerability is no exception. However, the fact that almost one-third of organizations worldwide are affected is surprising. This fact highlights the importance of quickly correcting such security concerns for businesses," said Maya Horowitz, Director of Check Point Information and Threat Research.

 

"The sharp decline in the use of Cryptoloot is also of interest. This software had dominated for the last year and a half and was the second most common malware variant observed in the first half of 2019, affecting 7.2% of organizations worldwide. We believe the decline is linked to its main competitor, Coinhive, which stopped operating earlier in 2019. Cybercriminals rely on alternative malicious cryptomining software such as XMRig and Jsecoin."
 
Check Point: 3 most prevalent malware threats in July 2019:

* The arrows indicate the change in rank relative to the previous month.

XMRig is at the top of the list, affecting 7% of organizations worldwide. Jsecoin and Dorkbot followed, affecting 6% of organizations globally.

1. ↔ XMRig - Open-source CPU mining software used to mine the Monero cryptocurrency, first launched in May 2017.
2. ↔ Jsecoin - JavaScript mining software that can be embedded in websites. With JSEcoin, you can run the mining software directly in your browser in exchange for an ad-free browsing experience, game currencies and other incentives.
3. ↑ Dorkbot - An IRC-based worm designed to allow remote code execution by its operator, as well as the download of additional malicious software to the infected system, with the primary purpose of stealing sensitive information and performing denial-of-service attacks.

Check Point: 3 Most Prevalent Mobile Malware Threats in July 2019:

During July, Lotoor was the most widespread malware on mobile, followed by AndroidBauts and Piom - two new malware families appearing on the list for the first time.

1. Lotoor - A hacking tool that exploits vulnerabilities in the Android operating system to gain full access rights (root) on compromised mobile devices.
2. AndroidBauts - Adware that targets Android users. The software deletes the IMEI, IMSI, GPS location and other device information and allows third-party applications to be installed on the device.
3. Piom - Adware that monitors the user's browsing behavior and delivers unwanted ads based on the user's activity.
 
Check Point: 3 vulnerabilities 'most frequently exploited' in July 2019

In June, SQL Injections continued to top the list, affecting 46% of organizations worldwide. The OpenSSL TLS DTLS Heartbeat Information Disclosure vulnerability came in second, affecting 41% of organizations worldwide, closely followed by the MVPower DVR Remote Code Execution with an impact on 40% of organizations worldwide.

1. ↔ SQL Injection (various techniques) - The insertion of an SQL query into client-supplied input to an application, thereby exploiting a vulnerability in that application's code.
2. ↔ OpenSSL TLS DTLS Heartbeat Information Disclosure (CVE-2014-0160; CVE-2014-0346) - An information disclosure vulnerability in OpenSSL involving the TLS/DTLS heartbeat.
3. ↑ MVPower DVR Remote Code Execution - A remote code execution vulnerability exists in MVPower DVR devices. A remote attacker can exploit this flaw and execute arbitrary code on the affected router via a crafted request.

* The full list of the 10 most common malware threats worldwide can be found here.

____________________

iGuRu.gr The Best Technology Site in Greece
Written by newsbot