Cyware Weekly Threat Intelligence - December 12–16

Weekly Threat Briefing • Dec 16, 2022
This website uses cookies and similar technologies to provide essential functionality and improve your experience. Some features, such as demo scheduling and chat support, require marketing cookies to function. By clicking "Accept All", you consent to all cookies. Alternatively, you can customize your preferences, but note that declining marketing cookies will limit certain website features.
Weekly Threat Briefing • Dec 16, 2022
The demand for 5G cellular networks for office and home uses has attracted the attention of cybercriminals. Keeping this in mind, the NSA, along with the CISA and ODNI, issued a joint report to provide mitigation strategies that address potential threats to 5G network slicing. In another significant achievement, the DoJ took action against 48 DDoS-for-hire service platforms that were used to launch DDoS attacks worldwide.
The U.S. DoJ seized 48 DDoS-for-hire service platforms that allowed anyone to easily launch DDoS attacks. Along with the takedown of stressor/booster sites that included RoyalStresser[.]com, SecurityTeam[.]io, Astrostress[.]com, Booter[.]sx, Ipstressor[.]com, and TrueSecurityServices[.]io, enforcement agencies also arrested six individuals operating these sites.
The NSA, the CISA, and the Office of the Director of National Intelligence (ODNI) published a joint report to highlight the most plausible threats and mitigation advice associated with 5G network slicing implementations. The mitigation measures include defense and prevention strategies to be implemented by 5G network operators, integrators, and providers.
The NSA’s JFAC Hardware Assurance Lab publicly released four cybersecurity technical reports to help the Department of Defense protect FPGA-based systems from adversary attacks.
The Cyber Security Agency of Singapore (CSA) pushed the need to beef up the cybersecurity of OT systems. The CSA noted that as the threat landscape is constantly evolving, every critical information infrastructure (CII) sector should continuously adapt and transform its processes.
Owing to the vast troves of patient data stored, healthcare entities remain vulnerable to ransomware attacks. This week, the HHS issued an advisory to help healthcare providers understand the attack scope and mitigation measures for LockBit 3.0 ransomware. In another update, the operators behind LockBit added the California Department of Finance to its list of victims. Furthermore, Uber reported a security breach that occurred due to an intrusion at a third-party vendor. This is the second data breach that the firm has suffered this year and is likely to have impacted the data of over 70,000 employees.
Researchers have laid bare recent cyberespionage activities associated with the infamous Charming Kitten APT. It has been found that six subgroups of the APT were involved in 60 attack campaigns launched across different sectors. Meanwhile, the trend of Golang-based malware continues to flourish in the threat landscape. This week, researchers discovered two new Golang malware—GoTrim and Chaos RAT—that enabled their operators to launch a wide range of attacks.