Cyware Weekly Threat Intelligence - April 08–12

Weekly Threat Briefing • April 12, 2019
Weekly Threat Briefing • April 12, 2019
The Good
We’re back with the most interesting threat intel of the week. Before we get into cybersecurity incidents and new threats, let’s first acknowledge all the positive events that happened over the past week. RSA conference has announced its new innovation program in the Asia-Pacific and Japan (APJ) region to help cybersecurity startups accelerate its growth. USA.gov has launched an AI-powered chatbot ‘Sam’ that is capable of answering users’ questions on scams and frauds. Meanwhile, two US senators have introduced new bipartisan legislation to ban social networking platforms from using ‘dark patterns’ to trick users into providing their private data.
The Bad
Several data breaches and massive cyber attacks have occurred over the past week. Researchers have detected almost 74 Facebook groups that were used to carry out illicit trading of stolen credentials, email addresses, private data, credit card information, and phishing kits. An unprotected database at VoterVoice exposed over 300,000 unique email addresses and other personal information of people. Last but not least, researchers have uncovered a new cybercrime marketplace named ‘Genesis’ where cybercriminals are selling full digital fingerprints of over 60,000 users.
New Threats
Over the past week, several vulnerabilities and malware strains have emerged. A researcher has spotted Anubis Android trojan that steals PayPal credentials. In another instance, researchers have discovered a sophisticated APT framework dubbed ‘TajMahal’. Meanwhile, researchers have discovered a set of vulnerabilities called Dragonblood in the WiFi Alliance’s WPA3 security and authentication standard.