- The National Institute of Standards and Technology issued the final version of its Risk Management Framework (RMF) 2.0 update, providing government agencies and commercial enterprises with a new guideline that aligns risk, privacy, and cyber-security controls.
- The UK government has announced a new standard for cyber security to protect driverless cars from hacking. This new standard is also designed to attract investment in the UK’s autonomous vehicle industry.
- The San Diego School District was hit by a data breach compromising the personal data of over 500,000 staffers and students. SDUSD suffered the breach after cybercriminals launched a targeted phishing attack against a staffer to gain access to login credentials and used them to infiltrate the school district’s networks.
- Cybercriminals were recently found selling the personal information of American children on different dark web markets. Information such as children's names, addresses, phone numbers, dates of birth, and Social Security Numbers was being advertised on underground markets. While an individual set of information is being sold for $10, bundles of sets are also being advertised at $490 or as high as $790.
- BevMo was hit by a massive data breach recently. The cybercriminals gained unauthorized access to the BevMo website and installed malicious code on the checkout page. The breach impacted nearly 15,000 customers and saw hackers compromise both credit card and personal information of customers.
- Attackers recently hacked Electrum wallets, stealing over 200 bitcoins worth around $750,000. The attack resulted in the Electrum wallet apps displaying a message on users’ systems that asked them to download a malicious update from an unauthorized GitHub repository. The attack lasted for seven days and temporarily stopped after GitHub removed the attacker’s repository.
- Nova Entertainment was hit by a data breach compromising over 250,000 users’ data. The personal information compromised in the breach includes usernames, passwords, residential addresses and other sensitive details of individuals. However, the firm confirmed that no financial information or copies of ID were affected.
- A hacker group named D3c3mb3r has been found exploiting a vulnerability in the ThinkPHP framework to gain access to web servers. Another hacker group was also found exploiting the vulnerability to infect servers with the Miori malware.
- A proof-of-concept that could be used to create a Facebook worm was recently published online. Anyone looking to target users on Facebook could use the worm to spread malware and perform other nefarious activities.
- A vulnerability in the Orange Livebox ADSL modem has leaked the Wi-Fi credentials of thousands of users. Tracked as CVE-2018-20377, the vulnerability affects nearly 19,500 Orange modems. The vulnerability could also allow attackers to build IoT botnets.
- The WannaCry ransomware continues to lurk on infected and vulnerable computers almost 18 months after it first appeared. The ransomware made its first appearance in May 2017, infecting hundreds of thousands of computers across 150 countries. Like other traditional ransomware variants, WannaCry encrypts files on the system’s hard drive and demands huge sums of ransom in exchange for decrypting data.
- Three macOS malware samples went undetected by most antivirus providers. Four months after the attack by a mysterious hacker group on Mac users, a few of its macOS malware samples went undetected by most of the antivirus providers. One of these Mac malware variants is believed to have been linked to the Windshift APT group that surveils individuals in the Middle East.
- A new ransomware called JungleSec was spotted exploiting unsecured Intelligent Platform Management Interface (IPMI) cards to infect Windows, Mac, and Linux systems. The ransomware was first reported in early November 2018. However, there is no indication as to how many systems have been affected by the malware.
- A new sample of the Shamoon malware was uploaded to VirusTotal on December 23, 2018. This new variant is signed with a digital signature. It tries to bypass detection by leveraging a digital certificate from the Chinese technology company Baidu. However, the digital signature is no longer valid, as the certificate expired on March 26, 2016.
Posted on: December 28, 2018