Cyware Weekly Cyber Threat Intelligence November 26 - 30, 2018

Weekly Threat Briefing • November 30, 2018
Weekly Threat Briefing • November 30, 2018
The Good
Friday is here again, which means it is once again time for us to help you bring up to speed on the biggest and most interesting cybersecurity news of the week. Before we delve into the latest malware, cyberattacks, and threat actors to emerge this past week, let's take a look at all the new and positive strides taken to improve global security. Security researchers developed a powerful new tool to root out security flaws. Germany has proposed a new law that will regulate the sales of routers across the nation. Meanwhile, the GCHQ embraced greater transparency, allowing the infosec community a peek into its vulnerability disclosure processes.
The Bad
This past week several major data breaches and leaks emerged. Two of the biggest breaches witnessed this year occurred this past week. A misconfigured ElasticSearch server leaked the personal information of 57 million US citizens. Marriott was hit by a breach that compromised the personal data of 500 million guests. Meanwhile, SKY Brazil accidentally leaked 32 million customers’ personal information online.
New Threats
Several new malware, vulnerabilities, and ransomware were discovered over the past week. A new Linux cryptominer that can steal root passwords and disable antivirus software was discovered. A cryptominer called KingMiner was uncovered that has already infected victims from Mexico to India and from Norway to Israel. Meanwhile, a new zero-day vulnerability in surveillance cameras was found affecting Nuuo’s surveillance firmware.