- The European Union is gearing up to create new regulations that would impose economic sanctions on cybercriminals. In the face of increasingly sophisticated cyberespionage and cybercriminal campaigns, EU leaders are now mulling imposing sanctions on hackers to stem the flow of destructive cyberattacks.
- The US Cyber Command is dogging the heels of Russian online trolls attempting to distribute disinformation campaigns and warning them that they are being watched. The operation is aimed at deterring more sophisticated Russian cyberattacks targeting US infrastructure.
- The Royal Navy’s biggest warship, the HMS Queen Elizabeth, which is currently docked in New York, boasts extensive and sophisticated cyber offensive and defensive capabilities. The aircraft carrier was built to deal with modern cyberthreats and may also be an invaluable resource in open waters across the globe.
- The Pentagon recently expanded its “Hack the Pentagon” bug bounty program, allowing hackers to find vulnerabilities in hardware and physical systems within the Pentagon. Now even the most critical internal systems at the Pentagon will be tested for vulnerabilities by ethical hackers.
- The HealthCare.gov sign-up system was hit by hackers who stole the data of around 75,000. The hackers gained access to the HealthCare.gov sign-up system, called the Federally Facilitated Exchange (FFE), which is used by healthcare insurance agents and brokers to enroll users into Obamacare plans.
- Switzerland-based cryptocurrency exchange Trade.io was hacked and $7.5 million worth of cryptocurrencies was stolen. The stolen funds were stored in a cold storage wallet. The cryptocurrency exchange discovered the breach after it observed a large number of cryptocurrencies being transferred from one of the accounts associated with its cold storage wallets.
- Hong Kong-based airline Cathay Pacific was hit by a massive data breach that compromised 9.4 million passengers’ data. Passengers' personal details including names, nationality, dates of birth, phone numbers, email addresses, passport numbers, identity card numbers, frequent flyer membership numbers, customer service remarks, and travel history might have been stolen by hackers.
- Washington-based Internet service provider Pocket iNet publicly exposed 73GB of data. This includes AWS secret keys, passwords and corporate information that were at least six months old. The data leak was caused by a misconfigured Amazon S3 storage bucket that had no password.
- A new Android malware dubbed TimpDoor was recently discovered and has already infected around 5,000 victims in the US. The Android malware has been active since March and could turn infected Android devices into mobile backdoors, which, in turn, could be leveraged by attackers to infiltrate home and corporate networks.
- The Ramnit banking malware was found being distributed via a new malware downloader called sLoad. The new campaign has been targeting financial institutions across Italy, Canada and the UK. The malware comes packed with sophisticated reconnaissance capabilities and has also been distributing other malware variants like Gootkit, Ursnif and more.
- A security vulnerability was discovered that impacts nearly all Linux and BSD distros. This flaw could allow an attacker with limited privileges to elevate privileges and gain root system access, either using a terminal or SSH session.
- A recently discovered malware downloader called Godzilla Loader is up for sale on the dark web for $500. The malware downloader comes with a built-in UAC bypass feature, which can allow attackers to specify any executable and run it on the infected system with administrative privileges.
Posted on: October 26, 2018