Cyware Weekly Cyber Threat Intelligence December 3 - 7, 2018

The Good

As the first Friday of the holiday season greets you, let us help you wind up the workweek with a shot of the biggest cybersecurity news of the week. Let us begin by acknowledging all the positive events that occurred over the past week. A new bill has been introduced to the US Congress, which would allow hackers to report bugs directly to the Department of Homeland Security (DHS). Meanwhile, Microsoft and Mastercard have partnered up to develop a universal identity management solution.

  • A new bill has been introduced to the US Congress, which would allow hackers to report bugs directly to the Department of Homeland Security (DHS). The Public-Private Cybersecurity Cooperation Act, introduced by Senators Rob Portman and Maggie Hassan, requires DHS to create a permanent bug bounty program of sorts that will ensure hackers can report problems they find to the proper authorities without being prosecuted for breaking laws.
  • Microsoft and Mastercard have partnered up to develop a universal identity management service. The two firms aim to create a service that anyone can use to prove their identity. The service could also be used for opening a new bank account, applying for a loan, online shopping, and more.
  • A new USB malware scanning tool was launched by Symantec earlier this week. The device aims to protect outdated legacy systems which depend mainly on USB devices to update their systems, such as those used by the oil and gas, manufacturing, and transportation sectors.

The Bad

Several massive data breaches and leaks occurred during the past week. Hackers hit Quora, compromising the data of 100 million users. Magecart hackers began targeting admin credentials in new attacks. Meanwhile, thousands of sensitive emails of US Republicans were hacked during the US 2018 midterm elections.

  • Hackers hit Quora, compromising the data of 100 million users. Information such as names, email addresses, IP, encrypted passwords, user IDs, and more was accessed by the attackers. The firm is still investigating the matter and is notifying customers about the breach.
  • Magecart hackers began targeting admin credentials in new attacks. Magecart group 11, which has been active since early 2016, was found stealing credentials of site administrators. Group 11 is also believed to be responsible for the Vision Direct data breach earlier this year.
  • Thousands of sensitive emails of US Republicans were hacked during the US 2018 midterm elections. The National Republican Congressional Committee (NRCC) reportedly hushed up a major data breach that it sustained earlier this year. The attack saw four senior NRCC aides’ phones surveilled for months by the hackers. Although the NRCC alerted the FBI about the breach, senior Republican leaders were unaware of the attack until recently.
  • A slew of massive Hollywood-style bank heists, targeting at least eight European banks, saw hackers steal millions of dollars. The attackers planted devices like a laptop, Raspberry Pi and Bash Bunny inside the targeted banks’ premises, which provided them with remote access to the banks’ networks.

New Threats

Despite it being the holiday season, cybercriminals appear to be hard at work, churning out new malware and attack methods. The past week saw numerous new malware strains, vulnerabilities and ransomware make their way into cyberspace. 21 new Linux malware strains were discovered. A new Spectre-like CPU attack was uncovered. Meanwhile, a 20,000-strong botnet was found targeting WordPress sites.

  • 21 new Linux malware strains were discovered. The new malware families possess sophisticated features like keylogging and backdoor capabilities. Out of the 21 families analyzed, 12 had never been documented.
  • A new Spectre-like CPU attack was uncovered by a six-member security research team, comprising three academics from Northeastern University and three researchers from IBM Research. The new attack is easier to execute and relies on the same processor design flaws. This attack also increases the speculative execution window length, which adds to the attacker’s capabilities.
  • A 20,000-strong WordPress botnet was found targeting other WordPress sites. The attackers were found using dictionary attacks to gain unauthorized access to the targeted sites. Site owners are advised to use security plugins, which can block such brute force attacks.
  • A new Adobe zero-day vulnerability was found being leveraged by hackers. The bug allowed the attackers to hijack Windows PCs by delivering malicious ActiveX-embedded documents via phishing emails. Fortunately, Adobe has released patches addressing the vulnerability.




