Cyware Weekly Cyber Threat Intelligence January 21-25, 2019

Weekly Threat Briefing • Jan 25, 2019
The Good
We’re back with the most interesting cybersecurity news of the week. Let’s start with all the good events that happened in the cybersecurity landscape. Mitsubishi Electric Corporation announced this week that it has developed a multi-layered defense technology to protect connected vehicles from cyber attacks. Red Hat announced the release of its Podman project, which provides enhanced security for containers. Meanwhile, North Carolina (NC) has recently witnessed a newly proposed bill to strengthen customer data protection.
Mitsubishi Electric Corporation has developed a multi-layered defense technology that protects connected vehicles from cyber attacks by strengthening their head unit’s defense capabilities. This multi-layer defense technology helps achieve more secure vehicle systems in accordance with the increasing popularity of vehicles that are equipped for connection to external networks.
Red Hat announced the release of its open-source Podman project on January 17, 2019. The Podman project has integrated multiple core security capabilities that enable organizations to run their containers securely. The core security capabilities include rootless containers and improved user namespace support for better container isolation.
North Carolina (NC) has recently witnessed a newly proposed bill centered around consumer data protection. The bill focuses on incorporating better security measures for consumer data. It proposes to classify ransomware attacks as breaches and to provide credit freeze services to all citizens.
The Bad
Several data breaches and massive cyber attacks occurred over the past week. An online casino group inadvertently exposed over 108 million records containing information such as bets, wins, deposits, and more. An unprotected ElasticSearch database exposed almost 24 million loan documents. Yet another unprotected ElasticSearch server containing 4 million intern applications was exposed online. In the meantime, a Nest security camera was hacked to broadcast a warning of a North Korean missile attack.
An ElasticSearch server of an online casino group was left publicly available without a password, accessible to anyone. The leaky server exposed almost 108 million records containing information such as bets, wins, deposits, and withdrawals, including payment card details.
An unprotected ElasticSearch database was left publicly available online without authentication for at least two weeks, which resulted in the exposure of almost 24 million bank loan and mortgage documents. The exposed documents included documents from Citigroup, Wells Fargo, Capital One, and the Department of Housing and Urban Development, among others.
A misconfiguration in the ElasticSearch server of AIESEC exposed at least 4 million intern applications. The exposed applications involved personal information such as email addresses, full names, dates of birth, gender, applicants’ reasons for applying for the internships, and interview details.
Financial services firm Cebuana Lhuillier suffered a data breach resulting in the compromise of almost 900,000 clients' personal information. The compromised private data included clients’ dates of birth, addresses, and source of income. However, no transaction details were compromised in the incident.
A massive cyber attack in Alaska has possibly compromised the private data of almost 100,000 households. The attack was the result of a virus infecting the public computer systems in the Division of Public Assistance (DPA). The computer systems contained critical personal information such as Social Security Numbers and residential addresses.
A family in Orinda, California experienced a broadcast warning coming from their Nest security camera. Attackers managed to hack their Nest surveillance system and broadcast a warning of an incoming nuclear missile attack from North Korea. The surveillance system was compromised using a stolen password that had been exposed online.
An ATLAS admin’s Steam account was hacked by an individual, causing their server to be taken offline for almost 5 and a half hours. A group of players found a technical exploit and used it to flood the server with whales, dragons, and PewDiePie spam messages.
BlackRock, the world’s largest asset manager, has accidentally posted sensitive information belonging to thousands of financial adviser clients on its website. The exposed information was spread across three spreadsheets and included names and email addresses of advisers who bought BlackRock’s exchange-traded funds (ETFs).
New Threats
Over the past week, several vulnerabilities and malware strains emerged. The infamous banking trojan Emotet was spotted again this week in a new form. A new ransomware family tracked as ‘Anatova’ was discovered by security researchers. Another new strain of ransomware, dubbed ‘hAnt’, was spotted targeting Bitcoin mining rigs. Last but not least, Redaman, a banking trojan that emerged in 2015, was back again, this time targeting Russian banks.