Cyware Weekly Cyber Threat Intelligence December 10-14, 2018

Weekly Threat Briefing • Dec 14, 2018
The Good
Breathe a sigh of relief, for it is Friday again. Let's welcome the weekend with the most interesting cybersecurity news of the week. Let’s start with the good events that occurred over the week before getting into the details of cyberattacks and new malware threats that were identified this week. HYPR released its password-less security solution on MacOS. Adobe Sign has updated its digital ID authentication feature. Meanwhile, the Democrat Senate group has introduced the Data Care Act.
HYPR released its employee access solution for MacOS, enabling businesses to secure password-less access for employees, thereby eliminating password re-use, preventing phishing attacks, and improving workforce productivity worldwide.
Adobe Sign has updated its digital ID authentication feature, aiming to enhance signer security using a smartphone or selfie. It has also introduced a new signer identification feature called ‘Government ID Authentication’, which allows users to snap a photo of their driver’s license or passport as a form of digital ID authentication.
The Democrat Senate group has introduced the Data Care Act to protect Americans’ information online. The Act would require websites, apps, and other online providers to take responsibility for protecting personal sensitive information and preventing the misuse of users’ data.
The Bad
Several massive cyberattacks and data breaches have occurred over the past week. Oil firm Saipem’s servers in the Middle East were hit by a massive cyberattack. Hackers stole login credentials from over 40,000 government authority accounts. Meanwhile, a misconfigured cloud server exposed taxpayer ID numbers of almost 120 million Brazilians.
Oil firm Saipem’s servers in the Middle East hit by a massive cyberattack. Saipem detected a cyberattack that affected its servers in the Middle East, including the United Arab Emirates, Kuwait, and Saudi Arabia. Its servers in its main operating centers in Italy, France, and Britain were not affected.
Bethesda inadvertently leaked Fallout 76 customers’ data. Bethesda accidentally shared its Fallout 76 support ticket information to other players using its help desk. The support ticket information included private data of players such as receipts, names, home addresses, email addresses, and credit card information.
Hackers stole login credentials from over 40,000 government authority accounts. The stolen data includes usernames and passwords in plain text. More than half of the stolen accounts (52 percent) belonged to Italian government officials.
Data breach at Baylor Scott and White medical center impacted nearly 47,000 patients. Data that may have been accessed in the breach includes names, mailing addresses, phone numbers, dates of birth, medical record numbers and more. The healthcare center claims that no social security numbers and medical record information were compromised in the breach.
Misconfigured cloud server exposed taxpayer ID numbers of almost 120 million Brazilians. A misconfigured Apache server containing CPF numbers of nearly 120 million Brazilians was exposed for an unknown period of time. The exposed CPFs were linked to people’s sensitive information such as names, birth dates, emails, phone numbers, addresses, employment details, and more.
Save the Children Federation lost $1 million to a cyberscam that involved the use of fake invoices. The scammers gained unauthorized access to employees’ email accounts to send fake invoices and other fraudulent documents.
New Threats
Over the past week, several vulnerabilities, malware, and ransomware were discovered. The new Satan ransomware variant Lucky was found exploiting over 10 server-side vulnerabilities. A new sextortion scam was uncovered that delivers the Azorult data-stealer and the GandCrab ransomware. Meanwhile, the newly discovered Novidade exploit kit affected millions of SOHO and home routers.