Cyware Weekly Cyber Threat Intelligence December 17 - 21, 2018

Weekly Threat Briefing • Dec 21, 2018
The Good
With Christmas around the corner, let’s gear up for the festive weekend with the most interesting cybersecurity news of the week. Let’s first take a look at all the good events that occurred in the past week. South Korea’s Financial Supervisory Service and SK Telecom have together developed an AI to prevent voice phishing attacks. Google engineers are working on blocking ‘Back button’ hijacking of browser history. Meanwhile, the Cybersecurity and Infrastructure Security Agency Act has been passed.
South Korea’s Financial Supervisory Service and SK Telecom together develop AI to prevent voice phishing attacks. The Financial Supervisory Service will provide data on financial fraud, while SK Telecom will develop an AI system that alerts callers to phishing calls.
Google is working on blocking ‘Back button’ hijacking in the Chrome browser. Google engineers are currently working on an update that will block malicious websites from hijacking the Chrome browser's history and, indirectly, the Back button.
The Cybersecurity and Infrastructure Security Agency bill has been passed. The bill will replace the National Protection and Programs Directorate with the new Cybersecurity and Infrastructure Security Agency. The White House has agreed to a Senate version of the Cybersecurity and Infrastructure Security Agency (CISA) without opposition.
The Bad
Over the past week, several data breaches and massive cyber attacks have occurred. Brazilian IT firm Tivit was hit by a massive cyber attack. A Facebook data breach exposed 6.8 million users’ photos. Twitter suffered a data breach and suspects state-sponsored hackers to be behind the attack. Meanwhile, NASA suffered a data breach affecting its employees’ personal information.
A massive cyber attack on Brazilian IT firm Tivit exposed its clients' credentials online. Tivit confirmed that nine of its employees fell for an email phishing attack last week. This incident involved data from 19 other companies including Faber, Zurich, Banco Original, SAP and more.
A data breach hit Facebook, exposing 6.8 million users’ photos. The social networking site has come under fire again after a new API bug leaked private photos of 6.8 million users to third-party apps. The leaked photos were accessible by 1,500 apps built by 876 developers.
Twitter suspects state-sponsored threat actors to be behind its recent data breach. The attack targeted one of Twitter’s support forms, which account holders use to contact Twitter about issues with their accounts. Twitter confirmed that the data breach did not expose full phone numbers or any other private data.
Hackers hit the University of Vermont Health Network. Elizabethtown Community Hospital suffered a data breach when one of its employees’ email accounts was remotely accessed by an unauthorized user. The hospital confirmed that the data breach did not involve the hospital’s computer networks or electronic medical records.
Government payment portal Click2Gov hit by cyber attack. The payment system in dozens of towns across the US was hacked by cybercriminals. A security research firm confirmed that at least 294,929 payment records have been compromised in 46 U.S. cities. The criminals have earned approximately $1.7 million by selling the records on the Dark Web for $10 per record.
NASA suffered a data breach affecting its employees’ personal information. The US National Aeronautics and Space Administration (NASA) disclosed that it has suffered a data breach that may have resulted in the compromise of personal information of both current and former employees.
Facebook gave Spotify, Netflix, and Royal Bank of Canada read and write access to users’ private messages. The most popular social networking site, Facebook, is in data-sharing partnerships with Apple, Amazon, Microsoft, Spotify, Netflix, Royal Bank of Canada, Yahoo, and more.
Nine managed service providers, including HPE and IBM, targeted in APT10 attacks. The Chinese cyber espionage group APT10, also known as MenuPass, Red Apollo, and Stone Panda, was accused of hacking a large number of managed service providers including HPE and IBM.
Caribou coffee chain suffered a data breach impacting 239 stores. Cybercriminals gained unauthorized access to the coffee chain’s point of sale (POS) systems, as a result of which customers’ data was exposed.
New Threats
Several vulnerabilities, malware, and ransomware were discovered over the past week. Magecart’s card skimming tool was up for sale on the Dark Web. Researchers uncovered computer chip vulnerabilities that could lead to failures in modern electronics. GandCrab ransomware was spotted using fileless techniques. Shamoon malware returned with a new variant. New malware built for SEO injection was spotted targeting WordPress. Meanwhile, Microsoft released an emergency patch for a zero-day in Internet Explorer.