Cyware Weekly Cyber Threat Intelligence August 27 - 31, 2018

Weekly Threat Briefing • Sep 3, 2018
This website uses cookies and similar technologies to provide essential functionality and improve your experience. Some features, such as demo scheduling and chat support, require marketing cookies to function. By clicking "Accept All", you consent to all cookies. Alternatively, you can customize your preferences, but note that declining marketing cookies will limit certain website features.
Weekly Threat Briefing • Sep 3, 2018
Friday is here once again and that means it’s time for the weekly roundup of the biggest and most important cyber stories that came out over the past week. Before we dive into the latest malware, vulnerabilities and threat actors that cropped up, let’s take a look at all the positive advancements that took place in cyberspace this week. The US government charged a man over his connections to the Satori botnet. Instagram boosted its security and transparency and Germany set up a DARPA-like cybersecurity agency.
Instagram introduced three primary features this week, aimed at boosting its security and transparency. The features will allow users to better verify the authenticity of accounts that have a large following, use third-party apps such as Google Authenticator for two-factor authentication and apply to obtain the coveted blue tick for their accounts.
The US government charged 20-year-old Kenneth Schuchman over his alleged involvement with the Satori botnet. Schuchman has been charged with two counts of violating the U.S. Computer Fraud and Abuse Act and is believed to be the online persona Nexus Zeta who is believed to have operated Satori.
Germany has announced the creation of a new DARPA-like federal agency that will be tasked with creating cutting-edge technologies. The new agency will be responsible for creating new tech that will advance the nation’s cyber defensive capabilities.
A hacker that stole and leaked personal photos of Jennifer Lawrence and other Hollywood A-listers, has been sentenced to eight months in prison. George Garofano, 26, was accused of illegally hacking the private Apple iCloud accounts of 240 people.
The past week saw several major data breaches emerge. Brazilian cryptocurrency investment platform Atlas Quantum was hit by hackers. A Chinese hotel chain suffered a breach that resulted in the personal data of 130 million of its customers ending up on the dark web.
Brazilian cryptocurrency investment platform Atlas Quantum was hit by hackers that affected 261,000 customers. The attackers stole information such as included customers names, phone numbers, email addresses, and account balances.
Chinese hotel chain - Huazhu Hotels Group Ltd. - suffered a breach earlier this month. The breach resulted in the personal data of 130 million of its customers ending up on the dark web. The stolen data was found being peddled on a Chinese dark web forum for 8 bitcoins.
ABBYY, the optical character recognition software provider, inadvertently exposed over 200,000 highly sensitive corporate documents. The breach was caused by an unprotected MongoDB database that contained over 142GB of sensitive data.
Air Canada suffered a data breach that may have compromised the personal data of around 20,000 of the airline’s mobile app users. The exposed data likely included users’ names, email addresses and phone numbers. The airline said that it discovered the breach between August 22 to 24 after the company noticed unusual login behavior on its mobile app.
The past week saw numerous new malware, scams and vulnerabilities pop up. Security researchers discovered a new Android spyware called BusyGasper. A new triple threat malware called Android.Banking.L was uncovered which contains keylogging, banking malware and ransomware capabilities.