Check Point World Threat List July 2019

Check Point Research, the research division of Check Point® Software Technologies Ltd., has released its latest Global Threat List for July 2019.

The research team warns organizations about a new vulnerability discovered in the OpenDreamBox 2.0.0 WebAdmin Plugin that affected 32% of organizations worldwide in July.

This vulnerability, ranked eighth among the most commonly exploited vulnerabilities, allows attackers to execute commands remotely on target machines. Its exploitation was triggered alongside other attacks targeting IoT devices, in particular MVPower DVR Remote Code Execution (the third most exploited vulnerability in July), which is also known to be associated with the infamous Mirai botnet.

Cryptoloot usage also declined sharply during July, dropping to 10th in the list of the most widespread malware from third in June.

"Malicious actors try to exploit new vulnerabilities as soon as they appear, before the organizations can fix them. The OpenDreamBox vulnerability is no exception. However, the fact that almost one-third of organizations worldwide are affected is surprising. This fact highlights the importance of quickly correcting such security concerns for businesses," said Maya Horowitz, Director of Check Point Information and Threat Research.

 

"The sharp drop in Cryptoloot usage is also interesting. It had dominated the past year and a half and ranked as the second most common malware variant seen in the first half of 2019, affecting 7.2% of organizations worldwide. We believe the decline is linked to its main competitor, Coinhive, going out of business earlier in 2019. Cybercriminals rely on alternative cryptomining malware, such as XMRig and Jsecoin."
 
Check Point: 3 most prevalent malware threats in July 2019:

* The arrows indicate the change in rank relative to the previous month.

XMRig is at the top of the list, affecting 7% of organizations worldwide. Jsecoin and Dorkbot followed, affecting 6% of organizations globally.

1. ↔ XMRig - XMRig is open-source CPU mining software used to mine the Monero cryptocurrency, first released in May 2017.
2. ↔ Jsecoin - JavaScript mining software that can be embedded in websites. With JSEcoin, you can run the mining software directly in your browser in exchange for an ad-free browsing experience, game currencies and other incentives.
3. ↑ Dorkbot - Worm based on IRC, designed to allow remote execution of code by its operator, as well as downloading additional malicious software to the infected system, with the primary purpose of stealing sensitive information and performing denial of service attacks.

Check Point: 3 most prevalent mobile malware threats in July 2019:

During July, Lotoor was the most widespread malware on mobile, followed by AndroidBauts and Piom - two new malware families appearing on the list for the first time.

1. Lotoor – Hacking tool that exploits operating system vulnerabilities to gain full access rights (root) to compromised mobile devices.
2. AndroidBauts – This is Adware that targets Android users. The software exfiltrates the IMEI, IMSI, GPS location and other device information, and allows third-party applications to be installed on the device.
3. Piom - This is Adware that monitors the user's browsing behavior and distributes unwanted ads based on the user's activity.
 
Check Point: 3 vulnerabilities 'most frequently exploited' in July 2019

In June SQL Injection techniques continued to top the relevant list, affecting 46% of organizations worldwide. The OpenSSL TLS DTLS Heartbeat Information Disclosure vulnerability came in second place, impacting 41% of organizations worldwide, closely followed by MVPower DVR Remote Code Execution, impacting 40% of organizations worldwide.

1. SQL Injection (various techniques) - The insertion of an SQL query into client-supplied input to an application, exploiting a vulnerability in that application's code.
2. ↔ OpenSSL TLS DTLS Heartbeat Information Disclosure (CVE-2014-0160; CVE-2014-0346) - An information disclosure vulnerability in OpenSSL, in the handling of TLS/DTLS heartbeat packets.
3. ↑ MVPower DVR Remote Code Execution - A remote code execution vulnerability exists in MVPower DVR devices. A remote attacker can exploit this flaw and execute arbitrary code on the affected router via a crafted request.

* The full list of the 10 most common malware threats worldwide can be found here.


Written by newsbot
