Cyware Weekly Cyber Threat Intelligence September 17-21, 2018

Weekly Threat Briefing • Sep 21, 2018
This website uses cookies and similar technologies to provide essential functionality and improve your experience. Some features, such as demo scheduling and chat support, require marketing cookies to function. By clicking "Accept All", you consent to all cookies. Alternatively, you can customize your preferences, but note that declining marketing cookies will limit certain website features.
Weekly Threat Briefing • Sep 21, 2018
The Good
Its finally Friday and that means its time to put your feet up, get a nice, relaxing drink and catch up on the biggest, most interesting cybersecurity news that occurred this week. But before we jump into the latest malware, breaches and threat actors to have emerged, let’s give a virtual high-five to the law enforcement authorities and the companies that are working on boosting security even as cyberthreats continue to become more advanced.The US Air Force is working on establishing a new rapid cyber response center. The Chinese police arrested a hacker who was selling millions of users personal data on the dark web and the British regulator fined Equifax over $657,000 for last year’s breach.
The US Air Force is working on establishing a new rapid cyber response center that will be modeled after the Air Force’s Rapid Capibilities Office. The goal for the new center would be “to tackle the cyber challenges from a rapid capabilities standpoint and a cyber standpoint,” Maj. Gen. Robert Skinner, commander of 24th Air Force/Air Forces Cyber, said during a panel at the annual Air, Space and Cyber conference.
The Chinese police arrested the hacker responsible for selling the data of millions of customers of the Huazhu hotel chain on the dark web. The hacker attempted to blackmail the hotel chain into paying a ransom for the recovery of its data. However, Huazhu said that the cybercriminal was unsuccessful in his attempt to sell any of the compromised data.
Equifax was fined a little over $657,000 (£500,000) by a UK regulator for the 2017 breach, which impacted the personal data of 15 million British customers. The Information Commissioner’s Office (ICO) said that although the breach occurred in the US, the firm was still responsible for failing to protect the personal data of its British customers.
The US army is looking to boost its cyber teams’ resource and abilities. The army’s expeditionary cyber support detachments (ECSDs) are small units connected to organizations that provide cyber and electromagnetic spectrum effects such as sensing or jamming.
The Bad
The past week saw several major breaches and data leaks come to light. The US State Department’s unsecured email system was hacked. GovPayNet accidentally exposed 14 million customer records dating back to 2012. Meanwhile, the cryptocurrency exchange Zaif was hacked and $60 million was stolen by hackers.
New Threats
Numerous new and advanced malware and vulnerabilities cropped up this week. The XBash malware comes with ransomware, cryptomining, botnet and worm capabilities. The new Russian botnet Black Rose Lucy allows cybercriminals to target Android devices. Meanwhile, the new Peekaboo vulnerability allows attackers to view and tamper with video and security camera feeds.