Cyware Weekly Threat Intelligence, July 31-August 04, 2023

Weekly Threat Briefing • August 4, 2023
Weekly Threat Briefing • August 4, 2023
Amidst the evolving cyber threat landscape and technological advancements, a robust cybersecurity workforce is essential to combat cybercriminals and their tactics effectively. In a major move, the U.S. introduces a new strategy focused on fostering diverse talent to pursue cybersecurity careers and meet the challenges of the digital age. Separately, the CISA, along with three other agencies, has been tasked to set a roadmap for implementing secured multi-cloud software technologies within federal networks by January 2025.
While cybersecurity capabilities keep improving, there were reports of financial and operational damages from across the globe due to cyberattacks. A leading marine parts manufacturer disclosed a loss of $85 million, owing to the downtime in a cyberattack. A series of DDoS attacks, which is underway, have impacted several Italian entities, including a water supply company, a national business newspaper, and a public transport website. Besides, vulnerable Citrix servers are being weaponized to deploy backdoors and target organizations in Germany, France, Switzerland, Italy, Sweden, Spain, and Austria.
In new threats, the Meow attack has taken a concerning turn, now targeting vulnerable Jupyter Notebooks. The attackers are employing Python scripts to exploit databases, highlighting an unconventional approach. Additionally, there has been a notable surge in Ursnif activity, with the appearance of the new WikiLoader as a malware distribution method. Meanwhile, Russian hacker forums have been observed promoting a new hVNC malware tool that poses a significant threat to macOS systems.