Threat Reports

Cyber Alert – 02 May 2020

Silobreaker’s Daily Cyber Alert is created and distributed automatically by using our award-winning intelligence product Silobreaker Online.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
Maze Ransomware 15 26
EventBot 7 25
PhantomLance 5 27
Clop Ransomware 3 11
Ryuk Ransomware 3 7
Cerberus Malware 2 4
Shade Ransomware 3 28
Trickbot Malware 4 11
TA2101 2 4
URSNIF 2 3
Data Breaches
Cybersecurity Expert Reaction On Fingerprints Exposed By OnePlus Vulnerability
Information Security BuzzMay 01 2020 15:33
A OnePlus 7 security flaw could have exposed users’ fingerprints to hackers, according to Trusted Reviews. Although the vulnerability has now been fixed, it has not yet been revealed how long it was present for, meaning that bad actors may have…
Ninja Forms WordPress bug exposed over a million users to XSS attacks, website hijacking
ZDNet Zero Day BlogMay 01 2020 10:22
The severe XSS vulnerability permitted site takeover and visitor browser redirection to malicious websites.
Hacker Groups
The Maze Gang Claims to Have Stolen 11 Million Credit Card Records From “Banco BCR”
TechNaduMay 01 2020 14:03
Source: Wikimedia, Credits: Luciuskam The operators of the Maze ransomware claim to have compromised Banco BCR, stealing millions of credit card details. The actors stated that the bank remained unsecured for months, while they didn’t lock its systems…
Google Play falls victim to PhantomLace hacking campaign
IT Pro UKMay 01 2020 19:44
Google Play has served as a hacker playground for years. Most recently, security researchers identified state-sponsored spies who repeatedly dumped their hacking tools into the Play store , and onto the unsuspecting users’ devices. Dubbed PhantomLace,…
Malware Watch – W/E – 5/1/20
Tech-Wreck InfoSec BlogMay 01 2020 17:56
Black Rose Lucy Malware Fabricates Warning from the FBI (04/28/2020) Check Point Research has uncovered a new malware variant that tricks Android mobile users into encrypting their files and…
The Good, the Bad and the Ugly in Cybersecurity – Week 18
SentinelOneMay 01 2020 16:00
The Good It remains to be seen whether this presages something worse to come, but for now there’s welcome news for potentially hundreds of thousands of ransomware victims. A …
Malware
New EventBot Malware Steals Banking Passwords | Avast
Security Bloggers NetworkMay 01 2020 13:00
A new malware called EventBot is infecting Android devices in order to steal login credentials for banking apps and cryptocurrency wallets, TechCrunch reported….
Dreambot Malware Infrastructure Remains Down as Operations Went Silent
TechNaduMay 01 2020 12:03
The Dreambot trojan seems to have abruptly stopped operations, as the infrastructure remains down for weeks now. There have been no new versions in the wild since March, so this might be the end of Dreambot. It is highly unlikely that this will bring…
Update to Maze’s ransomware attack on Hammersmith Medicines Research
DataBreaches.netMay 01 2020 12:40
On March 21, this site reported that Maze Team had attacked Hammersmith Medicines Research (HMR) in London — a clinical testing firm that conducts early Phase 1 and Phase 2 pharmacological tests. Maze had attacked and locked up their data on…
2020-05-01 – XLS macro –> Loader EXE –> IcedID (Bokbot)
Malware-Traffic-Analysis.net – Blog EntriesMay 01 2020 21:58
Vulnerabilities
Vulnerability management
SC Magazine USMay 01 2020 12:44
A well-run vulnerability management program removes the guesswork, says . his month, we revisited a mixture of familiar and new faces. is such a basic security element that occasionally it gets overlooked. However, these tools should be a staple in…
CVE-2020-1967: proving sigalg != NULL
Seclists.org – Full DisclosureMay 01 2020 17:56
Posted by Imre Rad on May 01 I created a proof of concept exploit about the recent OpenSSL signature_algorithms_cert DoS flaw (CVE-2020-1967). Credit for the original finding goes to Bernd Edlinger. This is a null pointer dereference while…
Over 800K WordPress sites are at risk due to a flaw in Ninja Forms plugin
Security AffairsMay 01 2020 08:38
The development team oh the Ninja Forms WordPress plugin fixed a high severity security flaw that can let attackers take over websites. The developers behind the Ninja Forms WordPress plugin have addressed a Cross-Site Request Forgery…
Digital Defense Frontline Vulnerability Manager
SC Magazine USMay 01 2020 12:27
Vendor: Digital Defense, Inc. Price: $1,800 for an annual subscription for small businesses; $14,400 for 1,000 active IPs (annual, unlimited scaling) Contact: digitaldefense.com Quick Read Strengths: The modern, attractive dashboard makes this entire…
Ongoing Campaigns
DoppelPaymer Ransomware Targets US Suburb and Steal 200 GB Data
CywareMay 01 2020 19:04
DoppelPaymer ransomware actors recently targeted a city in the Los Angeles County, stealing the data and encrypting the devices, threatening to leak the data, if the ransom is not paid on time. Attack of the LA Suburb The City of Torrance, a coastal…
SQL Injection Attack: What It Is & How to Protect Your Business
Security Bloggers NetworkMay 01 2020 18:27
Web-applications attacks, including SQL injection attacks, more than doubled in 2019, according to data from SonicWall Taking into account the trends for more and more businesses going online, the number… The post …

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.

More News

  • COVID-19 Alert – 03 August 2020

    Silobreaker's Daily COVID-19 Alert for 03 August 2020
  • Cyber Alert – 03 August 2020

    Cyber Alert: InfoSecHotSpot - 10 billion records exposed in unsecured databases, study says The databases contain personal information that could… https://t.co/LYBl2kpNgL...
  • COVID-19 Alert – 02 August 2020

    Silobreaker's Daily COVID-19 Alert for 02 August 2020
View all News

Request a demo

Get in touch