Cyware Weekly Threat Intelligence - May 15–19

Weekly Threat Briefing • May 19, 2023
It takes a collaborative effort to achieve effective and enhanced cybersecurity. In that spirit, the U.S. Homeland Security Committee has issued two new bills that would require CISA to bolster the government’s cybersecurity workforce and the security of open-source software. The Department of Veterans Affairs is also seeking to improve its in-house security operations by incorporating a wide range of capabilities for cyber incident response, cloud threat detection, and insider threat analysis.
While government agencies are working to build a better defense against emerging security threats, security lapses at organizations continue to expose sensitive data. In two separate incidents, a transportation company in France and a widely used university admission platform exposed the personal details of thousands of customers, owing to misconfigured databases. That’s not all. A ransomware group gained unauthorized access to a pharmacy services provider and stole 4.7 TB of customer data. Unfortunately, the stolen data was put up for sale on underground forums.
Several new malware variants were also spotted this week. Security researchers linked two new variants of the CopperStealer malware, which targeted users globally, to the lesser-known Water Orthrus APT. In another instance, Satdos malware was upgraded with new capabilities to infect more smart devices for cryptomining attacks. A Golang variant of Cobalt Strike, dubbed Geacon, was also in the news for targeting Mac systems worldwide.