Cyware Weekly Threat Intelligence, August 26 - 30, 2019

Weekly Threat Briefing • August 30, 2019
Weekly Threat Briefing • August 30, 2019
The Good
Let’s welcome the weekend by revisiting all that happened in cyberspace over the week. Before delving into the security incidents and new threats, let’s first take a look at all the positive events. The Governor of Louisiana has announced plans to establish a cyber facility named the ‘Louisiana Cyber Coordination Center (LC3). Google has announced the launch of the ‘Developer Data Protection Reward Program’ (DDPRP) and the expansion of the ‘Google Play Security Reward Program’ (GPSRP). Meanwhile, Microsoft is working on adding automatic phishing detection to enterprise in-org forms.
The Bad
Several data breaches and security incidents were witnessed in this week. Researchers have uncovered over 80 eCommerce websites that have been compromised by Magecart attackers. Web hosting provider Hostinger suffered a data breach compromising the personal information of over 14 million customers. Last but not least, Mastercard suffered a data breach after the customer data from its Priceless Specials loyalty program was leaked on the internet.
New Threats
This week also witnessed the occurrence of several new malware strains and vulnerabilities. Researchers have uncovered a new version of Trickbot that includes new dynamic webinjects to steal PIN codes from Verizon Wireless, T-Mobile, and Sprint users. Researchers have found out malicious clickjacking scripts that intercept user clicks on at least 613 popular websites. Meanwhile, Apple released an update to the iOS 12.4 version to patch the jailbreak security flaw.