Cyware Weekly Threat Intelligence, July 29 - August 02, 2019

Weekly Threat Briefing • August 2, 2019
Weekly Threat Briefing • August 2, 2019
The Good
It’s time to welcome the first weekend of August with the most interesting threat intel of the week. Before delving into the security incidents and new threats, let’s first take a look at all the positive events. Google is planning to add a new security feature to its Chrome browser to reduce side-channel attacks. Microsoft has announced secure protection for IoT devices with its Azure Security Center. Meanwhile, the National Institute of Standards and Technology is coming up with new guidance for sharing ZIP files securely with others.
The Bad
Several data breaches and security incidents were witnessed in this week. Capital One suffered a massive data breach exposing the personal and credit card information of almost 106 million US and Canadian customers. Honda Motor Company has exposed 134 million records of employee system data for over 300,000 employees due to an unprotected database. Last but not least, the UK-based education company, Pearson suffered a data breach impacting approximately 13,000 schools and universities in the United States.
New Threats
This week also witnessed the occurrence of several new malware strains and vulnerabilities. Researchers spotted a new version of the TrickBot banking trojan that targets Microsoft Defender. A new variant of Mirai botnet which had its command & control server placed in the Tor network was discovered. A major vulnerability was also unearthed in Apple’s instant messaging service iMessage.