| Cyware Weekly Cyber Threat Intelligence | March 19 - 23, 2018

Weekly Threat Briefing • Mar 23, 2018
This website uses cookies and similar technologies to provide essential functionality and improve your experience. Some features, such as demo scheduling and chat support, require marketing cookies to function. By clicking "Accept All", you consent to all cookies. Alternatively, you can customize your preferences, but note that declining marketing cookies will limit certain website features.
Weekly Threat Briefing • Mar 23, 2018
Researchers have made progress in lot many areas, this week. The US Army is moving closer towards developing a new method that would leverage brain-like computer architectures for integer factorization. Meanwhile, scientists at University of Texas at San Antonio (UTSA) developed a new algorithm that helps in detecting and preventing cyber attacks in real-time.
The best news of all, researchers from the Moscow Institute of Physics and Technology are making progress in creating ultra-high-speed quantum internet.
U.S Army is moving closer to cracking codes with brain-like computers. A new method to leverage upcoming brain-like computer architectures for a well known old number-theoretic problem known as integer factorization has been discovered by scientists at the U.S Army Research Laboratory. The scientists have mimicked brain functions of mammals in computing and subsequently opened up paths to new age solution space that is very different from traditional architectures but nearer to devices that are able to operate within size-, weight-, and power constrained environments. The new technology will dramatically increase computing power in the battlefield and exponentially increase information processing and computational problem-solving capability.
If there is one thing on which almost everyone would agree, it would be needed for a faster internet. Now, researchers from the Moscow Institute of Physics and Technology are making progress in creating ultra-high-speed quantum internet by using a previously known substance called ‘silicon carbide’. The paper published in npj Quantum Information talks about increasing data transfer rate in unconditionally secure quantum communication lines to more than 1 Gbps bringing it at par with its classical counterpart. Silicon Carbide is a semiconductor that gave birth to the field of optoelectronics. It is the same material in which the phenomenon of electroluminescence was observed for the first time and later used to create the world’s first light-emitting diode (LED).
Scientists at the University of Texas at San Antonio (UTSA) have developed a new algorithm that may help detect and prevent cyber attacks on GPS-enabled devices in real time. Electrical Grids depend on GPS signals to understand time and location. For example, the US electrical power grid depends on GPS to give timestamps for its measurements at stations across the country. However, hackers can spoof these signals and disrupt the understanding of these signals. As of now, the algorithm has successfully mitigated the effects of spoofed GPS attacks on electrical grids and other GPS-reliant technologies.
This week registered one of the largest social media breaches, involving Cambridge Analytica, which impacted 50 million Facebook users. In other news, two companies have reportedly become victims of data breaches. Hackers have gained access to Camelot and Orbitz, impacting 10.5 million registered users and 880,000 payment cards respectively.
City of Atlanta suspects its systems have been infected with SamSam ransomware. In the meantime, a new attack on PREPA was reported from Puerto Rico.
One of the largest social media breaches in the history impacting 50 million people was unearthed when a whistleblower disclosed how Cambridge-Analytica violated privacy policy of Facebook to steal personal information of the users. An app, named My Digital Life, developed by the firm Cambridge Analytica paid 270,000 account holders to take a personality test. However, the data was then used to steal every account holders friend information. The information was later used to send targeted political advertisements. The breach has raised various serious questions and impacted the credibility of Facebook. Many governments across the world are now planning to posture their social media laws to prevent any misuse of data for manipulation of voters.
The famous fast-moving-games business Camelot has asked millions of National Lottery players to change their passwords following a suspicious activity involving lottery accounts. As per Camelot, the hackers have not been able to access core systems or databases and hence lottery draws or prizes have remained unimpacted. However, it has recommended about 10.5 million registered users to change their login passwords after a number of unauthorized logins were noticed. As per the officials, the account breaches might have been carried out through “credential stuffing” attack.
Soon after the United States disclosed that Russia had been targeting its energy sector, a new attack on PREPA, an energy utility organization, was reported from Puerto Rico. The company revealed that though hackers had succeeded in hacking it, but no customer data was compromised. The official disclosure further revealed that PREPA’s customer service system was not affected though the attack led to longer wait times at its service center.
Orbitz, a subsidiary of online travel agency Expedia Inc suffered a data breach impacting 880,000 payment cards. As per the official statement, hackers may have accessed personal information from about 880,000 payment cards. The breach is learned to have occurred somewhere between Jan. 1, 2016 and Dec. 22, 2017, for the partner platform and between Jan. 1, 2016 and June 22, 2016, for the consumer platform. The information that may have been stolen includes phone numbers, names, email and billing addresses. The company assured that social security numbers of its U.S customers were not impacted in the breach.
City of Atlanta’s computer systems were attacked probably by SamSam ransomware. The incident was confirmed by an official statement that disclosed the incident involving city computer’s experiencing outages on internal and customer-facing applications. While the attack did not impact the services but some applications that customers use to pay bills or access court-related information were severely impacted. As of now, there is no clarity if any personal or financial information or any kind of employee data has been compromised.
This week, researchers have discovered several new threats--including a new ransomware, a new cryptomining malware, and a new Android Trojan. The Zenis ransomware has been discovered and found using customized encryption method. Codenamed GhostMiner, a cryptomining malware was found leveraging PowerShell code to obtain fileless execution. The new Android Trojan, TeleRAT, uses Telegram Bot API to communicate with the command and control (C&C) server. Also, an old Java-based remote access tool named Qrypter, was found back in operations.