Cyware Weekly Cyber Threat Intelligence April 09 - 13, 2018

Weekly Threat Briefing • Apr 13, 2018
This website uses cookies and similar technologies to provide essential functionality and improve your experience. Some features, such as demo scheduling and chat support, require marketing cookies to function. By clicking "Accept All", you consent to all cookies. Alternatively, you can customize your preferences, but note that declining marketing cookies will limit certain website features.
Weekly Threat Briefing • Apr 13, 2018
Governments and researchers have made notable advances this week towards addressing growing threats and risks in the cyber realm this week. UK Home Secretary Amber Rudd announced a multi-million pound crackdown on illegal activity on the dark web. In a similar vein, a new multi-million cyber-innovation centre will be built in London to spur development in the cybersecurity sector. Cisco is working with researchers to develop new security techniques to help enterprises safeguard against quantum attacks. Meanwhile, MIT Media Lab researchers have developed an innovative mind reader headset that can translate your thoughts onto a screen.
Britain’s Home Secretary Amber Rudd has launched a police crackdown on dark web crime. During a speech at the National Cyber Security Centre’s conference, Rudd announced the Home Office will be releasing £9m to support law enforcement units that deal with cybercrime and dark web activity. Another £5m will be spent on improving local cybercrime units at a regional and local level. The funding is part of the £50 million allocated to bolster the UK’s cyber-defensive capabilities at a national, regional and local level.
A new £13.5 million cyber innovation centre is being developed at London’s Queen Elizabeth Olympic Park to spur growth and development in the growing East London tech cluster and the nation’s cybersecurity sector. Run by Plexal, the London Cyber Innovation Centre will offer local start-ups the infrastructure, space and technology to work closely with larger enterprises on security risks, challenges and solutions.
Cisco Systems with working with Canadian startup Isara, to develop new quantum-safe cryptographic algorithms that may help companies protect their internal systems, platforms and data against potentially powerful quantum threats. The two companies will be working on a proof-of-concept project to test digital certificates that operate in both classic and quantum-safe algorithm modes.
MIT Media Lab researchers have developed a new headset dubbed AlterEgo that can “hear” your thoughts and allows you to “silently” communicate with a computer interface simply by vocalizing internally. By reading the neuromuscular signals your brain sends to the face and jaw during internal speech, the headset can identify the words you think of, but don’t actually say out loud, and reconstruct it with 92% accuracy.
Another week, another round of security breaches and attacks. This week, Sodexo said its cinema vouchers platform Filmology suffered a “targeted attack” while medical device maker Inogen disclosed a data breach via an employee email account. “Despacito” fans were met with a rude surprise this week after hackers managed to hijack and deface an array of popular music videos on YouTube. About $3 million worth of Bitcoins were stolen from India’s Coinsecure in one of the country’s biggest crypto-heists so far.
Food services and facilities management Sodexo has warned a number of customers to cancel their credit attack after its cinema voucher platform, Filmology, suffered a “targeted attack”. The website was taken down “to eliminate any further potential risk” to consumers and the incident has been reported to the UK’s Information Commissioner’s Office. Sodexo Filmology has advised all employees who used the site between March 19 through April 3 to cancel their payment cards and check their payment card statements.
Inogen revealed it experienced a security incident that saw an employee’s email account illegally accessed between January 2 and March 14 this year. Rental customers’ personal information including names, contact information and Medicare identification numbers were compromised in the breach. However, no financial data was accessed.\
A number of popular music videos posted by music service Vevo on YouTube were hijacked and defaced by hackers calling themselves Prosox and Kuroi’sh. The music video for the hit song Despacito along with others by Shakira, Selena Gomez, Drake and Adele were affected. The clip was replaced with a photo of masked people wielding guns at the camera while the description below the video was replaced with the words “Free Palestine”. The videos were briefly taken down until the issue was resolved.
Nearly 438 bitcoins worth $3 million were stolen from Coinsecure, a Delhi-based cryptocurrency exchange. However, the company said its system was not hacked or compromised. The company has filed an FIR accusing its CSO of swiping the money from the firm’s digital wallet and have asked authorities to bar him from leaving the country until the investigation is completed.
This week, researchers uncovered several new threats including suspicious Mirai-like scanning activity, ransomware that only decrypts your files if you spend quality time playing a game and a new malware dubbed SmashingCoconut that looks an awful lot like the one used in the 2014 Sony hack. In other news, hackers have been exploiting thousands of legitimate websites to unknowingly spread malware via fake software updates for months.