Cyware Monthly Threat Intelligence

Monthly Threat Briefing • May 31, 2019
Monthly Threat Briefing • May 31, 2019
The Good
As we gear up to a new month of the year, let’s quickly glance through all that happened over the past month. Before we get into the cybersecurity incidents and the new threats, let’s first acknowledge all the positive events that happened over the past month. Google has added two new privacy and security features in Chrome. Microsoft has introduced the passwordless authentication method ‘Windows Hello’, to enable Windows 10 users to sign in to their devices using biometric. Meanwhile, Amazon has launched a new feature dubbed ‘Alexa Guard’ which transforms the Echo smart speaker into a smart home security system.
The Bad
The month of May witnessed numerous data breaches and cyber attacks that saw the exposure of millions of people's personal information across the globe. Amazon has disclosed that it was hit with an extensive fraud last year, where attackers compromised almost 100 seller accounts and stole the loan funds. The networks of Baltimore City Hall and Potter County have been infected with ransomware, forcing the local authorities to shut down the majority of its servers. Last but not least, HCL has inadvertently leaked employees’ personal information and plaintext passwords, customer reports, and web applications for managing personnel.
New Threats
Several new malware, ransomware, vulnerabilities, and threat groups emerged over the past month. Threat actor group TA542 ’s signature payload Emotet was found distributing third-party payloads such as Qbot, The Trick, IcedID, and Gootkit. The Department of Homeland Security (DHS) has published a detailed analysis of the ELECTRICFISH malware, which is associated with the North Korean government. Meanwhile, WhatsApp had a critical vulnerability in its audio call feature that could allow attackers to install spyware on mobiles via a WhatsApp call.