Threat Reports

Cyber Alert – 01 July 2020

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact productinfo[at]silobreaker[dot]com for more information.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
Promethium Group 20 22
AZORult Stealer 9 13
Mailto Ransomware 9 25
NotPetya Ransomware 6 17
StrongPity3 3 4
Sekhmet Ransomware 3 3
KeRanger Ransomware 2 2
PwnPOS 2 2
Patcher Ransomware 2 2
Phorpiex Malware 2 2
Data Breaches
SecurityWeek – e-Learning Platform OneClass Exposed Data on Students, Lecturers https://t.co/WSURC6YQ5g
SecurityWeek – Twitter, Jul 01 2020 03:56
e-Learning Platform OneClass Exposed Data on Students, Lecturers https://www.securityweek.com/e-learning-platform-oneclass-exposed-data-students-lecturers
E-Learning Platform OneClass Exposed Data On Students, Lecturers
SecurityPhresh, Jul 01 2020 03:49
An Elasticsearch database pertaining to e-learning platform OneClass was found to expose data on over one million students and lecturers, vpnMentor reveals.
EduardKovacs – RT @SecurityWeek: e-Learning Platform OneClass Exposed Data on Students, Lecturers https://t.co/WSURC6YQ5g
EduardKovacs – Twitter, Jul 01 2020 04:40
RT @SecurityWeek: e-Learning Platform OneClass Exposed Data on Students, Lecturers https://www.securityweek.com/e-learning-platform-oneclass-exposed-data-students-lecturers
Personal data of thousands of users from the UK, Australia, South Africa, the US, Singapore exposed in bitcoin scam
Security Affairs, Jun 30 2020 12:49
Group-IB discovered thousands of personal records of users from multiple countries exposed in a targeted multi-stage bitcoin scam. Group-IB, a global threat hunting and intelligence company headquartered in Singapore, has discovered thousands…
Hacker Groups
Promethium APT attacks surge, new Trojanized installers uncovered
ZDNet | Zero Day RSS, Jun 30 2020 12:35
The hacking group behind StrongPity is ignoring constant exposure by researchers in its quest for global intelligence and surveillance.
Hacking Timeline: Fxmsp’s Rise and Apparent Fall
CyberSecurityBoard.com – RSS, Jun 30 2020 06:47
How long does it take to become a reliable, trusted seller in the cybercrime-as-a-service ecosystem? For the Fxmsp hacking collective, experts say the answer is … …
Cyber-Espionage Group StrongPity Focuses on Kurdish Community
CERT-EU – Latest Articles Ongoing Threats – RSS, Jul 01 2020 04:28
Recent attacks associated with the threat actor known as StrongPity appear to focus on the Kurdish community in Turkey and Syria, Bitdefender security researchers say. Active since at least 2012 and also tracked as Promethium, the threat actor was…
StrongPity APT Back with Kurdish-Aimed Watering Hole Attacks
TSecurity.de, Jun 30 2020 18:02
The spy malware is being delivered via a complex infrastructure with multiple layers, in an effort to avoid analysis….
Malware
OSX.EvilQuest ransomware targets Macs; Ransom X blamed for TxDOT attack
SC Magazine US, Jun 30 2020 22:44
The crowded ransomware market is now home to three newly discovered players that recently gained the attention of security researchers and malware analysts — including one that targets Mac users and another blamed for a recent attack on the Texas…
UCSF Pays $1.14M After NetWalker Ransomware Attack
Threatpost.com, Jun 30 2020 16:12
UCSF has paid more than $1 million after a ransomware attack encrypted data related to "important" academic research on several servers.
Business giant Xerox allegedly suffers Maze Ransomware attack
BleepingComputer.com, Jun 30 2020 16:25
Maze ransomware operators have updated their list of victims adding Xerox Corporation to the roster. It appears that the encryption routine had completed on June 25. […]
InfoSecHotSpot – UCSF Pays $1.14M After NetWalker Ransomware Attack UCSF has paid more than $1 million after a ransomware attack enc… https://t.co/gd9wXDdPMi
InfoSecHotSpot – Twitter, Jul 01 2020 00:58
UCSF Pays $1.14M After NetWalker Ransomware Attack UCSF has paid more than $1 million after a ransomware attack encrypted data related to "important" academic research on several servers. https://bit.ly/2VyR0FC…
Vulnerabilities
InfoSecHotSpot – Critical flaw opens Palo Alto Networks firewalls and VPN appliances to attack, patch ASAP! Palo Alto Networks has p… https://t.co/dW0F60lKE3
InfoSecHotSpot – Twitter, Jun 30 2020 13:28
Critical flaw opens Palo Alto Networks firewalls and VPN appliances to attack, patch ASAP! Palo Alto Networks has patched a critical and easily exploitable vulnerability (CVE-2020-2021) affecting PAN-OS, the custom operating system running on its…
securityaffairs – #PaloAltoNetworks fixes a critical flaw in #firewall PAN-OS
https://t.co/AxaUiF8AoA
#securityaffairs #hacking…
securityaffairs – Twitter, Jun 30 2020 12:39
#PaloAltoNetworks fixes a critical flaw in #firewall PAN-OS
Palo Alto Networks fixes a critical flaw in firewall PAN-OS
#securityaffairs #hacking…
Not All Vulnerabilities Are Created Alike: Focus on What Matters Most
Tenable Blog, Jun 30 2020 18:41
As the number of security vulnerabilities continues to skyrocket, prioritization is necessary for organizations to effectively reduce their cyber risk. For more than two years, I’ve explained to security professionals at all levels that the…
securityaffairs – #PaloAltoNetworks fixes a critical flaw in #firewall PAN-OS
https://t.co/AxaUiF8AoA
#securityaffairs #hacking
securityaffairs – Twitter, Jun 30 2020 18:41
#PaloAltoNetworks fixes a critical flaw in #firewall PAN-OS
Palo Alto Networks fixes a critical flaw in firewall PAN-OS
#securityaffairs #hacking
Ongoing Campaigns
Geopolitical targets figuring in latest StrongPity/Promethium attacks
SC Magazine US, Jun 30 2020 21:44
StrongPity/Promethium, a potentially state-sponsored APT group active since 2012, isn’t letting exposed campaigns in recent years stop it from trying to install malware around the world, particularly in warzones such as Syria. Two separate reports…
Advanced StrongPity Hackers Target Syria and Turkey with Retooled Spyware
THN : The Hacker News, Jun 30 2020 07:45
Cybersecurity researchers today uncovered new details of watering hole attacks against the Kurdish community in Syria and Turkey for surveillance and intelligence exfiltration purposes. The advanced persistent threat behind the operation, called…
PROMETHIUM Expands Threat Reach via “StrongPity3”
TechNadu, Jun 30 2020 09:18
PROMETHIUM is expanding its targeting to more countries while deploying new malware as well. The actors are using trojanized apps as decoys to plant their payloads, and have updated their C2 infrastructure. The goal is to scan the infected systems for…
Faulty Drivers Fuel ATM Hacking Problem, Say Researchers
Infosecurity – Latest News, Jun 30 2020 18:52
Faulty Windows drivers are to blame for many attacks against ATM and point-of-sale (POS) devices, according to research from Portland, Oregon–based hardware security research company …

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
