Cyware Weekly Cyber Threat Intelligence October 29 - November 2, 2018

Weekly Threat Briefing • Nov 2, 2018
This website uses cookies and similar technologies to provide essential functionality and improve your experience. Some features, such as demo scheduling and chat support, require marketing cookies to function. By clicking "Accept All", you consent to all cookies. Alternatively, you can customize your preferences, but note that declining marketing cookies will limit certain website features.
Weekly Threat Briefing • Nov 2, 2018
The Good
Happy Friday everyone! It is once again time to sit back, relax and let us fill you in on the biggest and most interesting cybersecurity news of the week. Let’s begin by tipping our hats to all the private and government entities that have worked to embolden their own and the public’s security. Apple launched a new T2 security chip that is designed to stop attackers from spying on users. Google launched reCAPTCHA v3 that aims to better protect websites from spam and make the security procedure more user-friendly. Meanwhile, Canada passed a new law that requires every company to report security breaches.
Apple launched a new T2 security chip that is designed to stop attackers from spying on users. This new security feature is capable of disconnecting the microphone whenever the lid of the MacBook is closed. It is designed to help protect a device’s encryption keys, storage, fingerprint data, and secure boot features.
Google launched reCAPTCHA v3 that aims to better protect websites from spam and make the security procedure more user-friendly. The latest version of the security tool is designed to run an adaptive risk analysis in the background and provide websites with a score that shows how suspicious an interaction is.
Canada passed a new law that requires every company to report security breaches. Canadian organizations must now also keep a comprehensive record of all breaches detected for two years, and alert stakeholders about the impact of any and all breaches.
The Bad
Over the past week, several high-profile data breaches and leaks have occurred. Eurostar detected a breach and began resetting users’ passwords. A Pakistani bank was hit by hackers who reportedly stole $6 million. Meanwhile, the Australian defense contractor Austal was hit by hackers, who stole some staffers’ information.
Eurostar detected a breach and began resetting users passwords. The firm said that the cybercriminals behind the attack used Eurostar account holders’ usernames and passwords to infiltrate systems. It is still unclear as to how many users have been affected by the breach and whether the attackers succeeded in exfiltrating any sensitive corporate or user data.
A Pakistani bank was hit by hackers who reportedly stole $6 million. The Karachi-based Bank Islami confirmed that it suffered a security breach, which resulted in the theft of payment card information. Although the bank confirmed the breach, it has denied claims of having lost $6 million.
Australian defense contractor Austal was hit by hackers who stole some staffers’ information. Some staffers’ email addresses and phone numbers were stolen by hackers. However, the firm said that information relating to national security was not compromised.
Jones Eye Clinic and Surgery Center, a healthcare center located in Sioux City, suffered a ransomware attack. The attack may have exposed the data of around 40,000 individuals. The data compromised in the breach includes patients’ full names, addresses, dates of birth, dates of services, medical record numbers and more.
New Threats
A bunch of new malware, vulnerabilities, and threat actors popped over the last week. A new Mac malware dubbed CoinTicker was found silently installing backdoors. A new ransomware called CommonRansom demands RDP access to decrypt files. Meanwhile, A new DDoS-for-hire service called ‘0x-booter’ has been spotted in the wild, which has launched over 300 DDoS attacks in just two weeks.