Share Blog post
- Apple launched a new T2 security chip that is designed to stop attackers from spying on users. This new security feature is capable of disconnecting the microphone whenever the lid of the MacBook is closed. It is designed to help protect a device’s encryption keys, storage, fingerprint data, and secure boot features.
- Google launched reCAPTCHA v3 that aims to better protect websites from spam and make the security procedure more user-friendly. The latest version of the security tool is designed to run an adaptive risk analysis in the background and provide websites with a score that shows how suspicious an interaction is.
- Canada passed a new law that requires every company to report security breaches. Canadian organizations must now also keep a comprehensive record of all breaches detected for two years, and alert stakeholders about the impact of any and all breaches.
- Eurostar detected a breach and began resetting users passwords. The firm said that the cybercriminals behind the attack used Eurostar account holders’ usernames and passwords to infiltrate systems. It is still unclear as to how many users have been affected by the breach and whether the attackers succeeded in exfiltrating any sensitive corporate or user data.
- A Pakistani bank was hit by hackers who reportedly stole $6 million. The Karachi-based Bank Islami confirmed that it suffered a security breach, which resulted in the theft of payment card information. Although the bank confirmed the breach, it has denied claims of having lost $6 million.
- Australian defense contractor Austal was hit by hackers who stole some staffers’ information. Some staffers’ email addresses and phone numbers were stolen by hackers. However, the firm said that information relating to national security was not compromised.
- Jones Eye Clinic and Surgery Center, a healthcare center located in Sioux City, suffered a ransomware attack. The attack may have exposed the data of around 40,000 individuals. The data compromised in the breach includes patients’ full names, addresses, dates of birth, dates of services, medical record numbers and more.
- A new Mac malware dubbed CoinTicker was found silently installing backdoors. The cryptocurrency trojan appears to be legitimate and secretly installs two backdoors - EvilOSX and EggShell. These backdoors could allow attackers to gain remote control over affected Macs.
- A new ransomware called CommonRansom has been discovered. Unlike other ransomware variants, CommonRansom not only demands a Bitcoin payment but also demands that victims provide remote desktop protocol (RDP) access.
- A new DDoS-for-hire service called ‘0x-booter’ has been spotted in the wild, which has launched over 300 DDoS attacks in just two weeks. Ox-booter has been advertised as containing over 500Gbps of bandwidth and 20,000 bots. The malicious service can launch DDoS attacks without direct contact between the user and the botmaster.
- Iranian networks were recently reportedly hit by a new more powerful variant of the infamous Stuxnet malware. The new Stuxnet variant is allegedly more aggressive and sophisticated. Stuxnet is believed to have been created and deployed by the US and Israel. However, it is unclear as to who orchestrated the new Stuxnet attack against Iran. It is also still unclear as to which industries and companies were hit by the attack.
Posted on: November 02, 2018
Get the Weekly Threat Briefing delivered to your email!
More from Cyware
Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.