Cyware Weekly Cyber Threat Intelligence November 19 - 23, 2018

 
The Good
Rejoice one and all, for it is Friday! As you gear up for the weekend, it is our pleasure to bring to you the most interesting cybersecurity news of the week. Let’s first tip our hats to all the governments and companies making strides to improve security. The US army’s scientists are working on a quantum networking experiment aimed at offering soldiers more secure and reliable communications on the battlefield. Meanwhile, the FCC has launched an all-out war against scammers and robo-callers in a new initiative.
 
  • The US army’s scientists, based at the corporate research lab (ARL), are working on a quantum networking experiment aimed at offering soldiers more secure and reliable communications on the battlefield.
  • The Federal Communications Commission (FCC) has launched an all-out war against scammers and robo-callers in a new initiative. US network providers are now being forced to implement a new technology called SHAKEN/STIR (Secure Handling of Asserted information using toKENs/Secure Telephony Identity Revisited).
  • The Indian government is planning on implementing higher penalties for companies that fail to immediately report data breaches. The Indian ministry of electronics and information technology (MeitY) is now drafting a new data protection law and new regulations that impose higher fines on firms that fail to report breaches.
 
The Bad
 
Over the past week, several destructive data breaches and leaks have hit major companies. The breach of the week award has to go to Amazon, which suffered a massive breach just days before Black Friday. The US Postal Service (USPS) was also impacted by a breach that may have exposed over 60 million customers’ data. Meanwhile, Daniel’s Hosting, one of the most popular dark web hosting services, was knocked offline by rival hackers.

  • Amazon suffered a massive breach just days before Black Friday. The breach resulted in the compromise of names and email addresses of some of its customers. The tech giant has been tight-lipped about the details surrounding the matter, only revealing that the breach was caused by a technical error in its website.
  • The US Postal Service (USPS) was also impacted by a breach that may have exposed over 60 million customers’ data. The breach was caused by a year-old API flaw that not only allowed anyone with a USPS account to view other users’ data but also to alter their information without their knowledge or consent.
  • Daniel’s Hosting, one of the most popular dark web hosting services, was knocked offline by rival hackers. The attack occurred on November 15, 2018, and has resulted in the loss of 6500 plus Dark Web services hosted on the platform.
  • San Diego-based communications company Voxox exposed around 26 million text messages, as well as other sensitive customer data like phone numbers, password reset links and security codes, two-factor verification codes, shipping notifications and more.
 
New Threats
 
Multiple new malware, ransomware and threat actors emerged over the past week. A new Trickbot variant was discovered being distributed as part of a new campaign posing as coming from Lloyds Bank. Over a dozen malware-laced Android apps were discovered on the Google Play Store. Meanwhile, a new variant of the Rotexy malware, which combines the capabilities of both banking malware and ransomware, was discovered.

  • A new Trickbot variant was discovered being distributed as part of a new campaign posing as coming from Lloyds Bank. The malware is capable of exfiltrating data such as passwords, browsing history, bank and other financial details, and logins from the infected systems.
  • Over a dozen malware-laced Android apps were discovered on the Google Play Store. 13 malicious gaming apps, developed by the same person, were installed over 560,000 times. Once downloaded, the malicious apps, posing as driving games, were designed to crash each time they were opened.
  • A new variant of the Rotexy malware, which combines the capabilities of both banking malware and ransomware, was discovered. Between August and October 2018, Rotexy launched over 70,000 attacks, primarily against victims in Russia.
  • Texas-based Altus Baytown Hospital (ABH) was hit by a ransomware attack that may have led to hackers compromising patient records and their personal data. The hospital fell victim to the prolific Dharma ransomware.



