Cyware Weekly Threat Intelligence - May 15–19

Weekly Threat Briefing • May 19, 2023
It takes a collaborative effort to achieve effective and enhanced cybersecurity. Taking a leaf from that, the U.S. Homeland Security Committee has issued two new bills that would require the CISA to bolster the government’s cybersecurity workforce and the security of open-source software. The Department of Veterans Affairs is also seeking to improve its in-house security operations by incorporating a wide range of capabilities for cyber incident response, cloud threat detection, and insider threat analysis.
The U.S. House Homeland Security Committee advanced five bills to address challenges threatening the nation’s cybersecurity posture. Two of these bills give the CISA new responsibilities to improve the security of open-source software and the government’s cybersecurity workforce. The federal agency will also have the authority to train DHS employees to move from non-cyber to cybersecurity roles.
The Department of Veterans Affairs (VA) is prepping for a five-year cybersecurity contract that ranges from cyber incident response to cloud threat detection and insider threat analysis, aimed at boosting its in-house security operation centers. The development comes after it was revealed that VA computer networks encounter over 45 million weekly security-related events.
NATO announced the induction of new countries—Ukraine, Ireland, Japan, and Iceland—into its Cooperative Cyber Defence Centre of Excellence (CCDCOE). The hub focuses on cyber defense research, training and exercises, strategies, and laws to protect information systems and critical infrastructure from large-scale attacks.
While government agencies are working to build a better defense against emerging security threats, security lapses at organizations continue to expose sensitive data. A transportation company in France and a widely used university admission platform laid bare the personal details of thousands of customers in two different incidents, owing to misconfigured databases. That’s not all. A ransomware group gained unauthorized access and stole 4.7 TB of customer data from a pharmacy services provider firm. Unfortunately, the stolen data was put up for sale on underground forums.
Several new malware variants were also spotted this week. Security researchers associated two new variants of the CopperStealer malware, which targeted users globally, with the lesser-known Water Orthrus APT. In another instance, Satdos malware was upgraded with new capabilities to infect more smart devices for cryptomining attacks. A Golang variant of Cobalt Strike, dubbed Geacon, was also in the news for targeting Mac systems worldwide.