Cyware Weekly Cyber Threat Intelligence January 7-11, 2019

Weekly Threat Briefing • January 11, 2019
Weekly Threat Briefing • January 11, 2019
The Good
We’re back with the most interesting cybersecurity of the week. Let’s start with all the positive advancements that happened in the cybersecurity landscape. Google has announced new features on G suite to alert admins on phishing and data exfiltration activities. T-Mobile announced caller verification technology to combat Spammers. Meanwhile, two Senators introduced a bill to protect the U.S. from supply chain security issues.
The Bad
Over the past week, several data breaches and massive cyber attacks happened. Ethereum Classic was hit by a majority attack with over $1 million potentially stolen. Another data breach was noted this week which hit Singapore Airlines stealing private data of 285 customers. Meanwhile, a large group of Reddit users’ accounts were found to be locked out due to some unusual activity.
New Threats
Several vulnerabilities and malware strains emerged over the past week. Cybercriminals were spotted using a combination of Vidar Malware and GandCrab Ransomware in a single attack. CryptoMix ransomware returned with a new attack campaign targeting weak RDP ports. A new malware strain ‘IcePick-3PC’ was discovered by researchers which is capable of stealing device IP addresses. Last but not least, a group of researchers identified a new type of side-channel attack that is hardware agnostic and targets Operating System (OS) page cache.