Posted July 21, 2015
Welcome to the Cyveillance Weekly Cyber Security Trends Report
Since threat intelligence is constantly evolving, we publish this weekly cyber security trends report to keep our customers updated on the latest threats across a variety of industries. You can read an abridged version below. Follow us on Twitter and subscribe to our blog to make sure you don’t miss any of the latest security articles from Cyveillance experts.
“Adobe Systems issued an emergency update for its Flash media player to patch two critical zero-day vulnerabilities that allow attackers to surreptitiously install Malware: Software that is intended to damage or disable computers and computer systems. on end-user computers. The previously unknown vulnerabilities were unearthed in the 400-gigabyte data dump hackers published nine days ago after rooting the servers of Hacking Team, an Italy-based company that sold spyware and exploits to governments around the world.”
Legal and Regulations
Despite upcoming announcements highlighting progress in fixing outdated federal computer networks, there is widespread agreement that government systems are still vulnerable to cyberattacks from foreign nations.
– NY Times
Several retail chains have temporarily taken their photo processing services offline following the PNI Digital Media breach. PNI Digital Media manages and hosts photo services sites. The breach could have compromised customers’ credit card information. The Following retailers have reacted to the breach: Costco, Sam’s Club, CVS Health Corp, Walmart, Rite-Aid, and Tesco.
– NBC News
“Operation Liberpy, an HTTP-based botnet for keylogging, has been stealing users’ information since at least last August, managing to compromise more than 2,000 systems in only a few months. According to the ESET, the infection was spread via USB devices. It reports all keyboard events, as well as mouse movements, to a server controlled by the attackers. The campaign began by sending potential victims fake e-mails containing attachments appearing to be package-tracking “software.” Infected users began to join the botnet, and became new propagation nodes via infecting USB devices connected to their computers. According to ESET Live Grid information, 98% of detections of these threats were in Venezuela, and based on the words and language found in the comments into the threat, it appears that the malware is aimed primarily at users there.”