Cyber Alert – 04 May 2020
|Heat – Trending Malware and Threat Actors
|Name
|Heat 1
|Heat 7
|Vol 1
|Vol 7
|KingSkrupellos
|3
|3
|Trickbot Malware
|4
|15
|Sodinokibi Ransomware
|4
|22
|Ryuk Ransomware
|2
|11
|Maze Ransomware
|5
|28
|Dreambot Malware
|1
|2
|Zloader Malware
|1
|2
|KPOT Stealer Malware
|1
|1
|EMOTET Trojan
|2
|6
|URSNIF
|1
|4
|Data Breaches
|India’s Jio Coronavirus symptom checker exposed test results
|Security Affairs – May 03 2020 19:47
|A security glitch in the self-test coronavirus symptom checker developed by India’s Jio cell network exposed test results. While Coronavirus was spreading worldwide, India’s largest cell network Jio, a subsidiary of Reliance, has developed a…
|Home affairs data breach may have exposed personal details of 770,000 migrants
|DataBreaches.net – May 03 2020 11:51
|Paul Karp reports that the government has been exposing personal details of 774,000 migrants and those wishing to migrate to Australia. The department’s SkillsSelect platform, hosted by the employment department, invites skilled workers and business…
|Hackers breach Ghost blogging platform to mine cryptocurrency
|HackRead – May 03 2020 17:36
|By Waqas The popular open-source blogging platform Ghost has suffered a security breach in which hackers attempted to mine cryptocurrency on… This is a post from HackRead.com Read the original post: …
|Hacker Groups
|Malware
|The Dreambot Malware Botnet Appears To Have Gone Silent and Possibly Shut Down
|E Hacking News – May 03 2020 15:14
|Dreambot's backend servers as per a report published by the CSIS Security Group, a cyber-security firm situated in Copenhagen, seem to have gone quiet and potentially shut down completely. It started in March around the same time when the…
|Sodinokibi, Ryuk ransomware drive up average ransom to $111,000
|DataBreaches.net – May 03 2020 11:50
|Ionut Ilascu reports: The first quarter of the year recorded an increase of the average amount ransomware operators demand from their victims. Compared to the previous quarter, a 33% swell was noted, driven by the Sodinokibi and Ryuk ransomware…
|Avast 2020 VS Ransomware
|MalwareTips.com – May 03 2020 16:38
|London accounting firm attacked by Sodinokibi operators
|DataBreaches.net – May 03 2020 11:51
|The London accountancy firm MJ Payne Ltd advertises that it is a Specialist accounting services for small and micro businesses. Stress free. They may need to redact the “Stress free” claim now that they have allegedly been attacked by …
|Vulnerabilities
|CVE-2020-11651, CVE-2020-11652: Critical Salt Framework Vulnerabilities Exploited in the Wild
|Tenable Blog – May 03 2020 21:43
|Shortly after the public disclosure of critical vulnerabilities in the Salt framework, exploitation attempts were observed, as two open source projects were breached using these flaws. Background On April 30, F-Secure Labs …
|Ongoing Campaigns
