03 November 2020

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
Maze Ransomware 30 61
Kimsuky 11 29
Kimsuky Malware 7 8
Wroba Banking Trojan 7 20
QakBot 8 11
CSPY Downloader 3 3
Magecart Group 4 5
The Shadow Brokers 3 3
GandCrab Ransomware 3 4
Guccifer2 3 4
Data Breaches
Breaches down 51%, exposed records set new record with 36 billion so far
Seclists.org – Data Loss – Nov 02 2020 15:50
Posted by Destry Winant on Nov 02 https://www.helpnetsecurity.com/2020/10/30/records-exposed-2020/ The number of records exposed has increased to a staggering 36 billion. There were 2,935 publicly reported breaches in the first three quarters of…

Privacy-focused True social network exposed user data online
HackRead – Nov 02 2020 12:33
By Deeba Ahmed. A security lapse at the privacy-focused social networking app True exposed one of its servers, leading to private user data exposure.

helpnetsecurity – Breaches down 51%, exposed records set new record with 36 billion so far – https://t.co/1XqjVqg6qr – @RiskBased… https://t.co/QTRnoH18G3
helpnetsecurity – Twitter – Nov 02 2020 15:30
Breaches down 51%, exposed records set new record with 36 billion so far – https://www.helpnetsecurity.com/2020/10/30/records-exposed-2020/ – @RiskBased @AnalogGirl11 #cybersecurity #security #infosecurity #itsecurity #CISO #cybersecuritynews…

BleepinComputer – In a ‘Press Release’ to their data leak site, the Maze ransomware gang has officially shut down their operations.… https://t.co/Qs2LVSMo2n
BleepinComputer – Twitter – Nov 02 2020 13:37
In a 'Press Release' to their data leak site, the Maze ransomware gang has officially shut down their operations. You can see their full statement below. https://twitter.com/BleepinComputer/status/1323257973754499073/photo/1

Hacker Groups
Founder of hacktivist group Anonymous is trying to take down QAnon
9News.com.au – Nov 03 2020 05:12
The founder of hacktivist group Anonymous has "come out of retirement" to take down far-right conspiracy theorists QAnon. Aubrey Cottle was unmasked as the mastermind behind the notorious hacker group in a report in The Atlantic in August. The group…

APT-C-35 Targeting Pakistani Military Personnel
IBM X-Force Exchange – Advisory Tag – RSS – Nov 02 2020 21:40
Summary: APT-C-35 continues to target Pakistani victims with similar tactics in their most recent campaign. 360 Core Security reports on their updated payloads and the victimology of this campaign. Threat Type: Malware, APT. Overview: 360 Core Security has…

New Tools Make North Korea’s Kimsuky Group More Dangerous
Dark Reading – All Stories – Nov 02 2020 22:15
Threat actor actively targeting US organizations in global intelligence-gathering campaign, government says.

runasand – In which @emptywheel states someone used the same IP address when logging into a Guccifer 2.0 account *and* a stagi… https://t.co/GXfsPdXStu
runasand – Twitter – Nov 02 2020 22:46
In which @emptywheel states someone used the same IP address when logging into a Guccifer 2.0 account *and* a staging site for The Shadow Brokers. 🤔…

Malware
Maze, a notorious ransomware group, says it’s shutting down
MalwareTips.com – Nov 02 2020 19:16
One of the most active and notorious data-stealing ransomware groups, Maze, says it is “officially closed.” The announcement came as a waffling statement, riddled with spelling mistakes, and published on its website on the dark web, which for the past…

North Korean Group Kimsuky Targets Government Agencies With New Malware
SecurityPhresh – Nov 02 2020 14:11
North Korea-linked threat actor Kimsuky was recently observed using brand new malware in attacks on government agencies and human rights activists, Cybereason's security researchers say.

Enel Group hit by ransomware again, Netwalker demands $14 million
Seclists.org – Data Loss – Nov 02 2020 15:49
Posted by Destry Winant on Nov 02…

How to protect backups from ransomware
CSO Online News – Nov 02 2020 11:00
Despite a recent decline in attacks, ransomware still poses significant threats to…

Vulnerabilities
Oracle issues emergency patch for CVE-2020-14750 WebLogic Server flaw
Security Affairs – Nov 02 2020 21:53
Oracle issued an out-of-band security update to address a critical remote code execution issue (CVE-2020-14750) impacting multiple Oracle WebLogic Server versions.

SecurityWeek – Oracle Warns of WebLogic Flaw Related to Exploited Vulnerability https://t.co/ErV8wAah1k
SecurityWeek – Twitter – Nov 02 2020 21:06
Oracle Warns of WebLogic Flaw Related to Exploited Vulnerability https://www.securityweek.com/oracle-warns-weblogic-flaw-related-exploited-vulnerability

InfoSecHotSpot – Google discloses actively exploited Windows zero-day (CVE-2020-17087) Google researchers have made public a Windows… https://t.co/2VKScMj0uK
InfoSecHotSpot – Twitter – Nov 02 2020 15:28
Google discloses actively exploited Windows zero-day (CVE-2020-17087) Google researchers have made public a Windows kernel zero day vulnerability (CVE-2020-17087) that is being exploited in the wild in tandem with a Google Chrome flaw…

SecurityWeek – Oracle Warns of WebLogic Flaw Related to Exploited Vulnerability https://t.co/ErV8wzSFCK
SecurityWeek – Twitter – Nov 02 2020 23:26
Oracle Warns of WebLogic Flaw Related to Exploited Vulnerability https://www.securityweek.com/oracle-warns-weblogic-flaw-related-exploited-vulnerability

Ongoing Campaigns
Charming Kitten APT Launched Spoofing Attacks Against Key Personalities
Cyware – Nov 02 2020 18:36
Without evaluating the authenticity of received emails, clicking on any embedded link could redirect victims to a legitimate-looking yet malicious domain. An Iranian threat actor, known as Phosphorus APT (aka Charming Kitten or APT 35), has been seen…

Turla APT: Active Again with Newly Developed Backdoors
Cyware – Nov 02 2020 18:36
Turla, a Russia-based cybercriminal group, is active again and now using several older backdoors with updates and improvements. Most of the backdoors are used for the purpose of persistence. Recently, the group launched an attack campaign against…

Healthcare – ThreatConnect Identifies Potential Ryuk Infrastructure – Possible Wizard Spider Association
Information Security Buzz – Nov 02 2020 15:54
The FBI has warned that US hospital systems are facing ‘imminent’ threat of cyber attacks. In light of this, the ThreatConnect research team has identified several sets of infrastructure associated with ongoing Ryuk activity – the type of ransomware…

Protect your business from a DoS attack with your firewall
InfoSec Bug Bounty Write-ups – RSS – Nov 02 2020 12:02
Protect your business from a DoS attack, with your firewall. Of all the cyber threats in the past 30 years, a denial of service attack is probably the most known and complex for your business. That being said, it is…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
