Cyware Weekly Threat Intelligence, August 19 - 23, 2019

Weekly Threat Briefing • August 23, 2019
Weekly Threat Briefing • August 23, 2019
The Good
As we gear up for a new weekend, let’s quickly glance through all that happened in cyberspace over the week. Before delving into the security incidents and new threats, let’s first take a look at all the positive events. The Global Cyber Alliance launched a cybersecurity development platform named AIDE for the Internet of Things (IoT) products. Major tech companies including Alibaba, Google Cloud, IBM, Intel, Microsoft, joined the Confidential Computing Consortium. Meanwhile, NSA researchers are planning to release their project’s end product named ‘SMI Transfer Monitor with protected execution (STM-PE)’ to the public soon.
The Bad
Several data breaches and security incidents were witnessed in this week. Twenty-two local Texas government entities were targeted with a coordinated ransomware attack. A cyber-espionage campaign linked to North Korea targeted several foreign ministries, four research organizations, and five email service providers. Meanwhile, Silence hackers targeted banks across 30 countries including China, Russia, the United Kingdom, Bangladesh, and Bulgaria, among others.
New Threats
This week also witnessed the occurrence of several new malware strains and vulnerabilities. Researchers uncovered that Magecart skimmer scripts have been injected into PokerTracker website. A new version of NanoCore v1.2.2 was uncovered by researchers. Meanwhile, a privilege escalation zero-day vulnerability has been detected in Steam that impacts over 96 million Windows users.