Cyware Weekly Cyber Threat Intelligence May 14 - 18, 2018

Weekly Threat Briefing • May 18, 2018
The week started on a good note with many countries taking proactive steps to bolster their cybersecurity. China has developed a defense system that can withstand over 500,000 attacks, while the US has unveiled a five-year cybersecurity strategy to address cyber risks in various sectors. Denmark has introduced a $240 million cyber defense plan aimed at protecting its businesses.
A mimic defense theory, developed by China, has withstood over 500,000 hacker attacks in an international challenge held in Nanjing, capital of east China’s Jiangsu Province. The defense system features a constantly changing software environment, which makes it difficult for a conventional hacker to locate a target. The idea, which was inspired by the mimic octopus (an animal that can change its appearance according to its environment), was first proposed by Chinese scientists in 2007.
The US Department of Homeland Security has introduced a new cybersecurity strategy to keep pace with the evolving cyber risk landscape over the next five years. The strategy will mainly focus on five factors, namely Risk Identification; Vulnerability Reduction; Threat Reduction; Consequence Mitigation; and Enable Cybersecurity Outcomes.
The government of Denmark has unveiled a $240 million cyber defense plan that aims to protect government authorities, businesses and individuals from any cyber threat. The initiative was undertaken following the increase in attacks by cybercriminals and nation-state actors. The proposed plan is expected to be implemented in the next five years and consists of 25 concrete initiatives to bolster the society's defense system against cyber attacks.
Along with the good news comes the bad. This week saw several data breaches worldwide, including incidents impacting the City of Riverside’s Police and Fire department, the FPNSW, the Danish company DSB and the BCCI. Moreover, a researcher submitted a report this week that revealed the leak of data of more than 3 million Facebook users.
The city of Riverside’s Police and Fire department suffered yet another ransomware attack, the second one since the April incident. The department’s servers were badly hit in the attack, with eight hours' worth of data completely wiped out by the attackers. However, the good news is that the city had a backup of its data.
Up to 8,000 clients may have been affected by a data breach at Family Planning New South Wales (FPNSW). The exposed data belonged to clients who had contacted FPNSW via its website over the past 2½ years to make appointments or give feedback. It included names, contact details, dates of birth and the reason for their inquiries. Officials claim that the attackers may have abused a vulnerability in the software that was used to build the website in order to execute the attack.
DSB, the largest train operating company of Denmark, suffered a massive DDoS attack that caused service disruption across the country. This DDoS attack halted train operations and blocked travelers from buying tickets. It also affected the company’s website, ticket machines, apps and 7-Eleven kiosks inside the railway stations.
Researchers have revealed a newly discovered breach that left data of more than 3 million Facebook users exposed for four years on an unsecured website. The leaked data consisted of information collected by the popular ‘myPersonality’ quiz, conducted on the social media site. The website’s low security potentially allowed anyone to access the details.
A misconfigured S3 bucket belonging to the Board of Control for Cricket in India (BCCI) resulted in the leakage of personal data of several thousand Indian applicants who had submitted forms between 2015 and 2018. The number of affected people is estimated to be between 15,000 and 20,000, while the exposed data includes each person's name, date of birth, permanent address, medical records, birth certificate, mobile number and SSC certificate.
Several new malware strains were unearthed by researchers this week. While PRB-Backdoor stole info and executed code on infected systems, StalinLocker prompted victims to enter a specific code or have their data deleted. A new variant of Dharma ransomware emerged, while the Grobios Trojan was found to be delivered via the RIG Exploit Kit.