Cyware Weekly Threat Intelligence - January 22–26

Weekly Threat Briefing • January 26, 2024
Weekly Threat Briefing • January 26, 2024
In a digital age where data security is paramount, the HHS launched a two-tiered cyber defense strategy for healthcare, focusing on essentials and enhancements to combat threats like ransomware. A piece of good news for iPhone users as Apple's latest iOS 17 leap adds a shield against data theft with Stolen Device Protection, securing iPhones from the prying hands of thieves.
In a stunning revelation, over 12TB of data and 26 billion records were compromised from giants like X, Tencent, and Dropbox, spilling secrets from the U.S. to the Philippines. Concurrently, a Trello API misstep exposed 15 million members' private details. Adding to the cyber turmoil, Hewlett Packard Enterprise revealed details on the December cyberattack by the notorious Russia-linked group Midnight Blizzard, targeting its cloud-based email environment.
Unmasking digital espionage, ESET researchers revealed NSPX30, an implant by the China-aligned APT group Blackwood, targeting entities from China, Japan, and the U.K. In a separate cyber heist, BlackBerry uncovered a scheme against Mexican banks, where attackers deploy the AllaKore RAT under the guise of legitimate IMSS documents, pilfering banking credentials. Meanwhile, The National Investor in Abu Dhabi alerted of online scammers fraudulently exploiting its identity, echoing the diverse and cunning nature of cyber threats.