Cyware Weekly Threat Intelligence - May 27–31

Weekly Threat Briefing • May 31, 2019
The Good
We’re back with the most interesting threat intel of the week. The past week witnessed several cybersecurity advancements and security incidents, as well as the emergence of new threats. To begin with, let’s glance through the positive developments of the past week. Google has announced new privacy rules for the Google Drive API to protect users’ data by limiting the amount of data accessed by third parties via Google’s APIs. Singapore is planning to introduce a tool known as ‘SG-Verify’ that helps businesses verify user data via QR codes. Meanwhile, researchers from the University of Illinois have published a research paper that explains the use of commodity storage devices to recover encrypted files.
The Bad
Several data breaches and security incidents were witnessed in the last seven days. The website of First American Financial Corp exposed almost 885 million sensitive documents. Also, attackers implanted malware on point-of-sale systems at almost 102 Checkers and Rally’s locations. Last but not least, an unprotected Elasticsearch database belonging to Pyramid Hotel Group exposed almost 85 GB of security logs from major hotels.
New Threats
The past week also saw the emergence of several new malware strains and vulnerabilities. Researchers have revealed that Emotet was the most prevalent email-based threat in the first three months of 2019. Attackers are scanning the internet for Windows servers that are running MySQL databases to infect systems with GandCrab ransomware. Meanwhile, new research has revealed that nearly 1 million Windows PCs are still vulnerable to the recently patched BlueKeep vulnerability.