Cyware Weekly Threat Intelligence, October 26 - 30, 2020

Weekly Threat Briefing • October 30, 2020
The Good
The week comes to an end on a positive note, with government agencies across the globe making good strides toward addressing cyber threats. The U.S. Federal Trade Commission (FTC) launched a new cyber-fraud reporting platform to protect users from frauds and scams. Separately, the New South Wales government decided to form a dedicated cyber and privacy resilience group to enhance the security of customers’ data. Furthermore, the Australian Department of Home Affairs proposed national security laws to protect critical infrastructure against cyberattacks.
The Bad
Data breach incidents continued to inflict woes on organizations globally. This week, Nitro PDF came under the scanner after malicious actors gained unauthorized access to the company’s database, potentially impacting several of its clients such as Microsoft, Google, Apple, and Citibank. In a disturbing revelation, REvil operators claimed to have accrued over $100 million in a year by extorting victims.
New Threats
Among the new threats this week, researchers discovered new variants of the TrickBot and Mirai botnets. The TrickBot operators ported a portion of the trojan's code to Linux, in a variant called Anchor_Linux, in an attempt to widen the scope of attacks. The new version of Mirai, dubbed Katana, came with enhanced modules such as layer 7 DDoS, unique encryption keys, fast self-replication, and a secure C2 server. Meanwhile, Apple accidentally approved six malicious apps for the second time in six weeks as part of the notarization process.