Cyware Weekly Cyber Threat Intelligence December 24-28, 2018

Weekly Threat Briefing • Dec 28, 2018
The Good
The last Friday of the year is here. Let’s welcome the last weekend of 2018 with the most interesting cybersecurity news of the week. Let’s start with all the positive events and advancements that happened in the cybersecurity community over the past week. NIST is out with the final version of its Risk Management Framework (RMF) 2.0 update providing organizations with a new guideline to define and manage risk. The UK government announced a new standard for cybersecurity that protects driverless cars from hackers.
The National Institute of Standards and Technology issued the final version of its Risk Management Framework (RMF) 2.0 update, providing government agencies and commercial enterprises with a new guideline that aligns risk, privacy, and cyber-security controls.
The UK government has announced a new standard for cyber security to protect driverless cars from hacking. This new standard is also designed to attract investment in the UK’s autonomous vehicle industry.
The Bad
Over the past week, quite a few data breaches and cyber attacks have occurred. The San Diego School District was hit by a massive data breach. Cybercriminals were spotted selling the personal information of American children on different dark web markets. BevMo was hit by a massive data breach, compromising the payment card data of 15,000 customers. Meanwhile, cybercriminals hacked Electrum bitcoin wallets, stealing over 200 bitcoins worth $750,000.
The San Diego School District was hit by a data breach compromising the personal data of over 500,000 staffers and students. SDUSD suffered the breach after cybercriminals launched a targeted phishing attack against a staffer to gain access to login credentials and used them to infiltrate the school district’s networks.
Cybercriminals were recently found selling the personal information of American children on different dark web markets. Information such as children's names, addresses, phone numbers, dates of birth, and Social Security Numbers was being advertised on underground markets. While an individual set of information is being sold at $10, bundles of sets are also being advertised at $490 or as high as $790.
BevMo was hit by a massive data breach recently. The cybercriminals gained unauthorized access to the BevMo website and installed malicious code on the checkout page. The breach impacted nearly 15,000 customers and saw hackers compromise both the credit card and personal information of customers.
Attackers recently hacked Electrum wallets, stealing over 200 bitcoins worth around $750,000. The attack resulted in the Electrum wallet apps displaying a message on users’ systems that asked them to download a malicious update from an unauthorized GitHub repository. The attack lasted for seven days and temporarily stopped after GitHub removed the attacker’s repository.
Nova Entertainment was hit by a data breach compromising over 250,000 users’ data. The personal information compromised in the breach includes usernames, passwords, residential addresses and other sensitive details of individuals. However, the firm confirmed that no financial information or copies of ID were affected.
New Threats
Over the past week, several new vulnerabilities, malware, and ransomware were discovered. A vulnerability in the ThinkPHP framework was exploited by the hacker group D3c3mb3r. A proof-of-concept that could be used to create a Facebook worm was published online. A bug in Orange modem leaked Wi-Fi credentials of thousands of users. After 18 months, WannaCry continues to be a persistent threat and to lurk on infected computers. Meanwhile, a few macOS malware samples went undetected by most antivirus providers.