Cyware Weekly Threat Intelligence - May 20–24

Weekly Threat Briefing • May 24, 2019
The Good
We’re back with the most interesting threat intel of the week. The past week witnessed several cybersecurity advancements and security incidents, as well as the emergence of new threats. To begin with, let’s glance through the positive developments of the past week. The University of New Haven has been designated as a National Center of Academic Excellence in Cyber Operations. The European Union has established a new framework to impose targeted restrictive measures in response to cyber attacks. Meanwhile, the Department of Financial Services has announced the formation of a ‘Cybersecurity Division’ that aims to protect consumers and industries from cyber attacks.
The Bad
Several data breaches and security incidents were witnessed over the past week. IT giant HCL leaked employees’ personal information, passwords, and customer data online. Google accidentally stored passwords for some of its G Suite users in plaintext since at least 2005. Meanwhile, Salesforce deployed a database script to its production environment that inadvertently gave employees access to the company’s files.
New Threats
Several new malware strains and vulnerabilities were detected in the past week. Researchers uncovered a new variant of the Trickbot trojan that is distributed via a redirection URL in a spam email campaign. A new variant of the Mirai botnet has been spotted leveraging a total of 13 different exploits to target routers and other IoT devices. Meanwhile, a researcher named SandboxEscaper has published demo exploit code for three Microsoft zero-day vulnerabilities.