Cyware Weekly Cyber Threat Intelligence December 24-28, 2018

Weekly Threat Briefing • December 28, 2018
Weekly Threat Briefing • December 28, 2018
The Good
The last Friday of the year is here. Let’s welcome the last weekend of 2018 with the most interesting cybersecurity news of the week. Let’s start with all the positive events and advancements that happened in the cybersecurity community over the past week. NIST is out with the final version of its Risk Management Framework (RMF) 2.0 update providing organizations with a new guideline to define and manage risk. The UK government announced a new standard for cybersecurity that protects driverless cars from hackers.
The Bad
Over the past week, quite a few data breaches and cyber attacks have occurred. The San Diego School District was hit by a massive data breach. Cybercriminals were spotted selling the personal information of American children on different dark web markets. BevMo was hit by a massive data breach, compromising the payment card data of 15,000 customers. Meanwhile, cybercriminals hacked Electrum bitcoin wallets, stealing over 200 bitcoins worth $750,000.
New Threats
Over the past week, several new vulnerabilities, malware, and ransomware were discovered. A vulnerability in the ThinkPHP framework was exploited by the hacker group D3c3mb3r. A proof-of-concept that could be used to create a Facebook worm was published online. A bug in Orange modem leaked Wi-Fi credentials of thousands of users. After 18 months, WannaCry continues to be a persistent threat and lurk on infected computers. Meanwhile, few MacOS malware samples went undetected by most of the antivirus providers.