Cyware Weekly Threat Intelligence - December 19–23

Weekly Threat Briefing • Dec 23, 2022
This website uses cookies and similar technologies to provide essential functionality and improve your experience. Some features, such as demo scheduling and chat support, require marketing cookies to function. By clicking "Accept All", you consent to all cookies. Alternatively, you can customize your preferences, but note that declining marketing cookies will limit certain website features.
Weekly Threat Briefing • Dec 23, 2022
IT systems and the data stored within them are valuable assets for organizations. Keeping the exploitations and misuse of these assets in mind, national authorities have taken several significant steps to protect them. The NIST has set a timeline to phase out SHA-1 and replace it with the latest algorithms with an aim to secure data stored in devices. Meanwhile, the U.S. President has signed the Quantum Computing Cybersecurity Preparedness Act to protect systems against quantum tech threats.
Data breaches resulting in the compromise of huge amounts of sensitive data have raised security concerns among researchers. BetMGM confirmed that the personal data of its 1.5 million customers were affected due to unauthorized access. On the other hand, the restaurant CRM platform SevenRooms revealed that hackers stole 427GB of customer records and leaked a sample on a cybercrime forum. Ahead of the Christmas holidays, cybercriminals have also been found luring users with specially-crafted phishing emails to harvest their personal information.
A variety of info-stealing malware variants were spotted this week. One of the variants, RisePro, is gaining popularity on the illicit Russian forum on the dark web. The PyPI repository was also bombarded with a pool of new stealer variants that borrowed their source code from the W4SP stealer. In other news, researchers are observing active exploitation of the OWASSRF vulnerability that affects the Microsoft Exchange Server.