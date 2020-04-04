Cyber Alert – 04 April 2020
|Heat – Trending Malware and Threat Actors
|Name
|Heat 1
|Heat 7
|Vol 1
|Vol 7
|Pegasus Malware
|3
|3
|Magecart Group 7
|3
|6
|MakeFrame
|3
|8
|Magecart Group
|4
|10
|CoinMiner Malware
|2
|3
|EMOTET Trojan
|4
|6
|LokiBot Trojan
|2
|3
|Sodinokibi Ransomware
|3
|15
|Gudwin Backdoor
|1
|3
|Netwire RAT
|1
|2
|Data Breaches
|Data Breach: A summary of healthcare security incidents in March 2020. Are you a victim of Medical Identity Theft?
|Security Bloggers Network – Apr 03 2020 12:13
|A…
|Key Ring App Data Leak Exposes 44 Million Images
|Seclists.org – Data Loss – Apr 03 2020 14:28
|Posted by Destry Winant on Apr 03 https://www.infosecurity-magazine.com/news/key-ring-app-data-leak-exposes-44m/ A digital wallet app with millions of users has become the latest organization to be caught storing customer data in unsecured Amazon…
|The Good, the Bad and the Ugly in Cybersecurity – Week 14
|SentinelOne – Apr 03 2020 15:00
|The Good This is an interesting time to be part of the security industry. The struggle to protect and preserve critical infrastructure and services has taken on an entirely new and elevated sense of urgency. There is a great deal of uncertainty as…
|Open Cloud Database Exposes 200 Million Americans
|Security Affairs – Apr 03 2020 18:19
|Experts revealed that an unauthorized party compromised more than 200 million user records hosted somewhere within the U.S. in a Google Cloud…
|Hacker Groups
|Magecart Group Hits Small Businesses With Updated Skimmer
|BankInfoSecurity – Apr 03 2020 19:15
|Researchers Determine That 19 Ecommerce Sites Have…
|Magecart group 7 use new e-skimmer to steal payment data
|Security Affairs – Apr 03 2020 13:58
|RiskIQ researchers spotted a new ongoing Magecart campaign that already compromised at least 19 different e-commerce websites. Researchers from security firm RiskIQ have uncovered a new ongoing …
|Malware
|GuLoader: Malspam Campaign Installing NetWire RAT
|Unit 42 – Palo Alto Networks Blog – Apr 03 2020 13:00
|NetWire, a publicly-available RAT, was found being distributed through a file downloader called GuLoader. We explain how its infection chain works and how to defend against it. The post …
|AZORult Brings Friends to The Party
|MalwareTips.com – Apr 03 2020 12:29
|Attackers are constantly reinventing ways of monetizing their tools. Cisco Talos recently discovered a complex campaign with several different executable payloads, all focused on providing financial benefits for the attacker in a slightly different…
|Microsoft: How one Emotet infection took out this organization’s entire network
|ZDNet Security – Apr 03 2020 12:27
|An Emotet victim's IT disaster shows why organizations should filter internal emails and use two-factor authentication.
|Spearphishing Campaign Exploits COVID-19 To Spread Lokibot Infostealer
|Threatpost.com – Apr 03 2020 12:50
|The attack discovered uses World Health Organization trademark to lure users with info related to coronavirus.
|Vulnerabilities
|CVE-2020-6819, CVE-2020-6820: Critical Mozilla Firefox Zero-Day Vulnerabilities Exploited in the Wild
|Tenable Blog – Apr 04 2020 03:55
|Researchers report multiple zero-day vulnerabilities in Mozilla Firefox and note that other browsers are also affected. Background On April 3, Mozilla Foundation…
|A Security Researcher Got $75k for an iPhone Camera Hack
|TechNadu – Apr 03 2020 14:18
|A talented security researcher has received $75,000 from Apple for reporting seven zero-days. Three of these flaws could be used in an exploit chain to access the iPhone’s microphone and camera. Apple fixed the critical problem in just a couple of…
|US Government Advises Everyone to Upgrade Google Chrome as Soon as Possible
|HOTforSecurity – Apr 03 2020 14:28
|…
|100,000 WordPress sites using the Contact Form 7 Datepicker plugin are exposed to hack
|Security Affairs – Apr 03 2020 08:50
|An authenticated stored cross-site scripting (XSS) vulnerability could allow attackers to create rogue admins on WordPress sites using Contact Form 7 Datepicker plugin. Administrators of WordPress sites using the Contact Form 7 Datepicker plugin…
|Ongoing Campaigns
