Cyware Weekly Threat Intelligence - September 09–13
Weekly Threat Briefing • Sep 13, 2024
The U.K. government has elevated data centers to a new level of importance, officially designating them as critical national infrastructure - ensuring these digital fortresses get the protection and support they need during crises. Choosing secure tech just got easier: the FCC is introducing a cybersecurity labeling program, helping consumers spot products that meet strict security standards, just like ENERGY STAR does for energy efficiency.
The U.K. government designated the data center sector as part of the country's critical national infrastructure, recognizing its importance in safeguarding vital data from cyber attacks and disasters. This designation aims to prioritize engagement with the sector and ensure continuity of operations during crises. It signals greater government support for physical data centers and cloud operators, providing access to security agencies and emergency services in case of incidents.
The FCC is launching a voluntary cybersecurity labeling program to help consumers make informed decisions about purchasing technology products. The program will use a U.S. Cyber Trust Mark to indicate products that meet cybersecurity standards, similar to the ENERGY STAR label for energy efficiency. The label will be displayed on internet of things products, providing information on security features and compliance with cybersecurity standards.
The U.K. National Crime Agency and Information Commissioner's Office have signed an agreement to share cyber threat information to improve cyber defenses and increase reporting. The aim is to help organizations struggling post-cyberattack and to encourage reporting of incidents. The agencies will share mainly anonymized and aggregated incident data and are urging companies to disclose cyber incidents to authorities. The agreement also aims to strengthen responses to disruptive cyberattacks against critical infrastructure in the U.K., as high-profile attacks continue to occur.
An innocent-looking Excel file hides a malicious secret: exploiting an old Microsoft vulnerability to deploy the stealthy Remcos RAT, giving attackers remote access and dodging traditional security defenses across sectors worldwide. Iran's OilRig is making waves again, targeting Iraqi government networks with two new malware strains, Veaty and Spearal, designed to harvest files and execute PowerShell commands. Crimson Palace, a trio of Chinese hacker clusters, has quietly infiltrated Southeast Asian governments, using their latest weapon, Tattletale malware, to steal sensitive data and authentication keys.
More than 1.3 million Android TV streaming boxes have fallen victim to the Vo1d backdoor, giving attackers full control and spreading infections across 200 countries. Banking customers in Central Asia are caught in the crosshairs of Ajina.Banker, a sneaky Android malware that’s spreading through Telegram channels disguised as trusted apps, siphoning off sensitive data for financial gain. Hadooken malware is taking Linux systems by storm, targeting WebLogic servers to drop cryptominers and Tsunami malware, exploiting weak passwords and erasing traces to ensure its silent persistence across compromised networks.