Cyware Weekly Threat Intelligence - March 25–29

Weekly Threat Briefing • March 29, 2019
The Good
As we’ve come to the end of March, it’s time to end the month with the most interesting threat intel of the week. As is our custom, let’s begin with all the good that has occurred in the cybersecurity landscape over the past week. Computer scientists from the United States have developed a new email app that can quickly encrypt messages that appear in an email inbox. DHS is awarding $5.9 million to expand a cybersecurity training tool to the energy sector. In the meantime, New Jersey legislators have proposed a bill that would expand data breach notification requirements to alert consumers about data breaches.
The Bad
Over the past week, several data breaches and massive cyber attacks came to light. A new supply chain attack campaign dubbed ‘Operation ShadowHammer’ impacted over 1 million users who downloaded the backdoored version of the ASUS Live Update utility onto their systems. In another instance, FEMA inadvertently shared private data of almost 2.3 million disaster victims with one of its contractors. Meanwhile, LockerGoga, the ransomware that hit aluminum giant Norsk Hydro, also infected two other American chemicals companies.
New Threats
Several vulnerabilities and malware strains emerged over the past week. Researchers uncovered a new version of the AZORult data stealer dubbed ‘AZORult++’. Researchers spotted a new Android banking trojan dubbed ‘Gustuff’ which is capable of phishing credentials and stealing funds from over 100 banking apps and 32 cryptocurrency apps. Last but not least, security weaknesses found in the US Treasury Department’s system could pose an increased risk of unauthorized access to the Federal Reserve Bank (FRB) systems.