Check Point names the worst malware of February


Check Point Research has published the Global Threat Index for February 2019.

The index shows that Coinhive once again led the Global Threat Index, for the 15th month, despite the fact that its services were closed from March 8, 2019.

Check Point researchers also found a number of extensive campaigns spreading the GandCrab ransomware, which targeted Japan, Germany, Canada and Australia.

These are only some of the targeted countries.

These campaigns have appeared over the past two months, and Check Point researchers noted that a new version of the ransomware was distributed in one of the latest campaigns.

The new version, GandCrab V5.2, includes most of the features of the previous one, but with a change in the encryption method that renders the decryption tool for earlier versions of the ransomware ineffective.

In February, the most common malware differences were among them.

Coinhive is still in the top spot, affecting 10% of organizations worldwide.

This continues the downward trend in Coinhive's global impact, from 18% in October 2018 to 12% in January 2019, with a further 2% reduction this month.

The reduction was caused by the increase in mining costs and the reduction in the value of Monero.

Cryptoloot rose to second place in February, replacing XMRig, followed by Emotet, an advanced, self-propagating and modular Trojan, which replaced Jsecoin in third place in the index.

Check Point's director of intelligence and research, Maya Horowitz, said, “As we have seen in January, threat actors are continuing to take advantage of new ways of spreading mistakes while making new, more risky versions of existing malware forms.

“The new GandCrab version confirms that unhealthy families who live in the list are high malware for several months and seem to be growing and developing for accessing then went out.

“To counteract this effectively, our researchers will continue to find their work with DNA within the family. It is therefore essential that groups review their security solutions,” she said.

Top Malware in February 2019:

1. Coinhive – Cryptominer designed to perform online mining of the Monero cryptocurrency when a user visits a web page, without the user's knowledge or approval and without sharing the profits with the user. The implanted JavaScript uses much of the end user's computing resources to mine coins, and it can harm the system.

2. Cryptoloot – Cryptominer that uses the victim's CPU or GPU power and existing resources for crypto mining, adding transactions to the blockchain and releasing new currency. It is a competitor to Coinhive, trying to undercut it by asking a smaller percentage of revenue from websites.

3. Emotet – Advanced, self-propagating and modular Trojan. Emotet used to work as a banking Trojan, and has recently been used as a distributor for other malware or malicious campaigns. It uses a variety of methods to maintain persistence and avoid detection. In addition, it can be spread through phishing emails containing malicious attachments or links.

This month Lotoor is the most common mobile malware, replacing Hiddad in first place in the top mobile malware list. Triada is still in third place.

The Top 3 Mobile Malware in February:

1. Lotoor – Hack tool that exploits vulnerabilities in the Android operating system to gain privileges on compromised mobile devices.

2. Hiddad – Android malware that repackages legitimate apps and then releases them to a third-party store. Its main function is to display advertisements, but it can also gain access to key security details built into the OS, allowing an attacker to obtain sensitive user data.

3. Triada – Modular backdoor for Android that grants privileges to downloaded malware, helping it embed itself in system processes. Triada has also been seen spoofing URLs in the browser.

Check Point researchers also examined the most serious vulnerabilities affecting organizations.

CVE-2017-7269 continues to lead the top vulnerabilities, at 45%.

OpenSSL TLS DTLS Heartbeat Information Disclosure is the second most prevalent vulnerability, with a global impact of 40%, followed by PHPMyAdmin Misconfiguration Code Injection, affecting 34% of organizations worldwide.

The Top 3 Vulnerabilities:

1. Microsoft IIS WebDAV ScStoragePathFromUrl Buffer Overflow (CVE-2017-7269) – By sending a crafted request over a network to Microsoft Windows Server 2003 R2 through Microsoft Internet Information Services 6.0, a remote attacker could execute arbitrary code or cause a denial-of-service condition on the target server. This is mainly the result of a buffer overflow vulnerability caused by improper validation of a long header in an HTTP request.

2. OpenSSL TLS DTLS Heartbeat Information Disclosure (CVE-2014-0160; CVE-2014-0346) – OpenSSL has an information disclosure vulnerability. The vulnerability is the result of an error when handling TLS/DTLS heartbeat packets. An attacker may leverage this vulnerability to disclose memory contents of a connected client or server.

3. Web servers PHPMyAdmin Misconfiguration Code Injection – A code injection vulnerability has been reported in PHPMyAdmin. The vulnerability is the result of PHPMyAdmin misconfiguration. A remote attacker may use this vulnerability by sending a specially crafted HTTP request to the target.
