Cyware Weekly Cyber Threat Intelligence November 5 - 9, 2018

Weekly Threat Briefing • Nov 9, 2018
The Good
Friday is finally here folks, which means that it's time for your weekly roundup of the biggest cybersecurity news stories. Let’s begin with all the progressive steps that governments and private organizations have taken to enhance the security of the public. Singapore launched the first ever commercial risk pool that provides insurance to corporations. Meanwhile, security researchers have created a new AI system that is capable of accurately predicting cyberattacks.
Singapore launched the first ever commercial risk pool that provides insurance to corporations. The pool is aimed at protecting companies in ASEAN and Asia from financial losses and cyber-related losses in the face of mounting cyberthreats. The pool will commit up to US$1 billion in risk capacity and will be funded by traditional insurance and insurance-linked securities markets to offer customized coverage.
Security researchers have created a new AI system, named DARKMENTION, that is capable of accurately predicting cyberattacks. The AI system monitors online and dark web forums and gathers intelligence. DARKMENTION also contains a repository of over 500 cyberattacks that have previously occurred.
Google’s automated Fuzz bot has spotted over 9,000 security vulnerabilities over the past two years. Google launched OSS-Fuzz in December 2016. The automated tool is capable of hunting for vulnerabilities in applications by applying a technique called fuzzing.
The Bad
The past week saw several massive data breaches and leaks occur, targeting organizations across the globe. Hackers hit every bank in Pakistan in a massive attack. The data of around 700,000 customers of American Express India was left inadvertently exposed in an unsecured MongoDB server. Meanwhile, the French firm Ingerop was hit by hackers who stole around 65 GB of data.
Hackers hit every bank in Pakistan in a massive attack. The data of nearly 8,000 bank account holders from 10 different banks has been put up for sale on the dark web. Although it is still unclear how this breach came about, PakCERT believes that some locals may have been involved in aiding the cybercriminals behind the attack, who are suspected to have been located outside the country.
The data of around 700,000 customers of American Express India was left inadvertently exposed in an unsecured MongoDB server. The unsecured database contained 689,272 records in plaintext. The data exposed included full names, email addresses, phone numbers, card details and more.
The French firm Ingerop was hit by hackers who stole around 65 GB of data relating to nuclear power plants, prisons, and tram networks. The information stolen on the nuclear power plants includes a document detailing a planned nuclear-waste dump in northeastern France and details of the oldest French nuclear power plant, Fessenheim, located at the France-Germany border.
HSBC bank’s US branch suffered a data breach that saw hackers compromise the personal data of several customers. The attackers may have gained access to customers’ full names, email addresses, phone numbers, physical addresses, dates of birth, account numbers, account types, account balances, and more.
New Threats
Over the past week, several new strains of malware and vulnerabilities have emerged. Security researchers discovered a new stealthy cryptomining malware. A 100,000-bot-strong IoT botnet, BCMUPnP_Hunter, is currently pushing out massive spam email campaigns. Meanwhile, the Outlaw hacker group was found wielding the Shellbot botnet to target IoT devices and Linux systems.