Cyware Weekly Threat Intelligence - May 06–10

Weekly Threat Briefing • May 10, 2024
In a pivotal move towards fortifying vulnerability management, the CISA launched an innovative initiative, Vulnrichment, aimed at enhancing the speed and efficiency of NIST’s NVD. Concurrently, the DOS unveiled a new international cyberspace strategy promoting global collaboration for a secure, inclusive digital future. This forward-thinking strategy champions digital solidarity, urging rights-respecting users worldwide to unite against cyber threats and foster a resilient and prosperous digital ecosystem.
The CISA announced a new project called Vulnrichment to address the slowdown in the NIST National Vulnerability Database (NVD). The Vulnrichment project aims to enrich CVE records with key decision points using an SSVC decision tree model. The project has already enriched 1,300 CVEs and will continue to assess and categorize vulnerabilities based on their impact and exploitability.
The CISA extended the comment period for new regulations under the Cyber Incident Reporting for Critical Infrastructure Act in response to requests from various industries. The CISA is seeking feedback on how to strengthen regulations aimed at enhancing federal cyber incident and ransomware payment tracking activities. This decision follows concerns raised by lawmakers and industry representatives about excessive restrictions on critical infrastructure organizations.
The ASD's ACSC, the CISA, the Canadian Centre for Cyber Security (CCCS), the NCSC-UK, and the NCSC-NZ released guidance titled "Secure by Design: Choosing Secure and Verifiable Technologies" to help organizations make secure and informed choices when procuring digital products and services. The guidance provides considerations for incorporating secure design principles into procurement processes and offers sample questions to use at each stage of the process. Nearly 70 leading software companies signed this voluntary pledge.
The DOS announced an international cyberspace strategy centered around fostering collaboration for a more secure and inclusive world. The strategy emphasizes digital solidarity and calls for rights-respecting users to work together for increased security, resilience, and prosperity. It outlines guiding principles and areas of action, focusing on creating an open, resilient, and secure digital ecosystem while addressing cyber threats and malicious actors.
In a series of troubling developments, the project management tool Monday[.]com has eliminated its Share Update feature due to misuse in phishing scams by attackers who targeted the platform's users with phishing emails. Simultaneously, the FBI has warned U.S. retailers of Storm-0539, a hacking group that has been exploiting gift card departments since January 2024. Additionally, the BogusBazaar crime ring has defrauded 850,000 individuals globally, netting around $50 million from fake online stores.
As AI adoption grows globally, new threats pop up. In one such development, the Sysdig Threat Research Team has uncovered LLMjacking, an attack exploiting cloud-hosted LLM services through stolen credentials. Meanwhile, a new variant of the zEus stealer, hidden within a Minecraft source pack distributed via YouTube, poses a significant threat by stealing sensitive data. Additionally, Google has patched 26 vulnerabilities in Android, including a critical flaw in Android 14 that allowed privilege escalation.