Cyware Weekly Threat Intelligence - August 19–23

Weekly Threat Briefing • August 23, 2024
With global cyber threats on the rise, over a dozen cyber authorities have endorsed new guidance to set baseline standards for logging and threat detection. This guidance aims to enhance cybersecurity monitoring, helping to prevent incidents like the SolarWinds attack. Additionally, the NCSC has introduced a Cyber Resilience Audit to assist organizations in assessing and improving their defenses against cyber threats, further strengthening overall resilience in the face of evolving risks.
A wave of sophisticated cyber campaigns emerged, each with its own unique methods of targeting victims. ESET researchers uncovered an Android malware, NGate, used in a criminal scheme against Czech bank clients to clone payment cards and facilitate unauthorized withdrawals. Meanwhile, a pro-Russian group is spreading malware under the guise of false information about Ukraine, deploying tools like Spectr spyware and Firmachagent. Additionally, North Korea's Lazarus group has evolved its BeaverTail malware to target job seekers, expanding to both macOS and Windows platforms to steal sensitive information.
A trio of evolving cyber threats highlights the ever-changing landscape of digital security. A new macOS malware, Cthulhu Stealer, has emerged, posing as legitimate software to steal sensitive information like cryptocurrency wallets and game account details. Meanwhile, Cisco Talos has uncovered a North Korean-developed RAT, MoonPeak, which is rapidly evolving to avoid detection. In parallel, Google has patched a critical zero-day vulnerability in Chrome, addressing a high-severity flaw that was actively being exploited by attackers.