04 November 2020

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.

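Heat – Trending Malware and Threat Actors

| Name | Heat 1 | Heat 7 | Vol 1 | Vol 7 |
|---|---|---|---|---|
| UNC1945 | | | 12 | 19 |
| KPOT Stealer Malware | | | 6 | 6 |
| KGH_SPY | | | 6 | 9 |
| Sodinokibi Ransomware | | | 6 | 37 |
| Kegtap | | | 4 | 27 |
| MuddyWater Group | | | 5 | 7 |
| Maze Ransomware | | | 8 | 68 |
| Hentai Onichan Ransomware | | | 2 | 2 |
| King Engine Ransomware | | | 2 | 3 |
| QakBot | | | 4 | 13 |

Data Breaches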
34 Mil Records Exposed Online; Attack On Gold Bullion Broker
Information Security Buzz – Nov 03 2020 15:12
In addition to the news of the sale online of 34 million users’ records from 17 companies, an attack on gold seller JM Bullion has been reported via a notice from the company. Here is a perspective from cybersecurity experts on both of these…

InfoSecHotSpot – Twitter – Nov 03 2020 18:58
6 Cybersecurity Lessons From 2020 The COVID-19 pandemic exposed new weaknesses in enterprise cybersecurity preparedness. https://bit.ly/2TPJOUr https://twitter.com/InfoSecHotSpot/status/1323701067851464710/photo/1

Securityblog – Twitter – Nov 03 2020 21:59
RT @jeremiahg: Many InfoSec industry reports state that exposed Remote Desktop Protocol (RDP) ports are a leading cause of breaches. One cyber-insurance carrier told me they will not write policies for those with open RDP. So, I was curious how…

cyb3rops – Twitter – Nov 03 2020 14:32
RT @SpyseHQ: Explore through 3.3k of IP addresses exposed to CVE-2020-14882 (Vulnerability in the Oracle WebLogic Server). 🔥 Easy #BugBounty 😉 https://twitter.com/SpyseHQ/status/1321551194549112832/photo/1

Hacker Groups
Live off the Land? How About Bringing Your Own Island? An Overview of UNC1945
Reddit – Netsec – Nov 03 2020 16:25
submitted by /u/0xdea

APT Groups Finding Success with Mix of Old and New Tools
MalwareTips.com – Nov 03 2020 19:57
Advanced persistent threat (APT) groups continue to use the fog of intense geopolitics to supercharge their campaigns, but beyond these themes, actors are developing individual signature…

UNC1945 – Threat Actor that Targets Solaris and Telecommunications Companies
IBM X-Force Exchange – Advisory Tag – RSS – Nov 04 2020 03:38
Summary: UNC1945 is a threat actor that Mandiant has been tracking since 2018. UNC1945 has primarily targeted exposed Solaris servers in the networks of telecommunications entities. Mandiant has published a report on the activities of UNC1945…

Founder of hacktivist group Anonymous is trying to take down QAnon
9News – National News – RSS – Nov 03 2020 06:00
The founder of hacktivist group Anonymous has "come out of…

Malware
REvil ransomware gang ‘acquires’ KPOT malware
ZDNet Security – Nov 04 2020 00:30
Ransomware gang who claims to have earned $100 million buys the source code of the KPOT information stealer trojan for $6,500.

Ransomware Alert as Emotet Detections Surge 1200%
Infosecurity – Latest News – Nov 03 2020 10:32
Detected attacks using the Emotet Trojan soared by over 1200% from Q2 to the third quarter of this year, supporting a surge in ransomware campaigns, according to the latest data from HP Inc.…

ZDNet – Twitter – Nov 04 2020 00:30
REvil ransomware gang 'acquires' KPOT malware https://zd.net/2TQXcaS by @campuscodi

InfoSecHotSpot – Twitter – Nov 03 2020 09:28
Ryuk ransomware behind one third of all ransomware attacks in 2020 There’s a growing use of ransomware, encrypted threats and attacks among cybercriminals leveraging non-standard ports, while overall malware volume declined for the third consecutive… https://t.co/3kcbsLaDPQ

Vulnerabilities
cybersecboardrm – Twitter – Nov 03 2020 20:47
Critical Oracle WebLogic flaw CVE-2020-14882 actively exploited in the wild #Cybersecurity #security https://t.co/4CGemwqHp2

securityaffairs – Twitter – Nov 03 2020 08:47
#Oracle issues emergency patch for CVE-2020-14750 #WebLogic Server flaw https://t.co/j6mFYltxsr #securityaffairs #hacking

InfoSecHotSpot – Twitter – Nov 03 2020 16:58
Oracle Rushes Emergency Fix for Critical WebLogic Server Flaw The remote code-execution flaw (CVE-2020-14750) is low-complexity and requires no user interaction to exploit. https://bit.ly/329HOeg…

Oracle Patches Severe Flaw In WebLogic Server
SecurityPhresh – Nov 03 2020 14:22

Ongoing Campaigns
UNC1945, a sophisticated threat actor used Oracle Solaris Zero-Day exploit
Security Affairs – Nov 04 2020 00:32
A sophisticated threat actor, tracked as UNC1945, has been observed exploiting vulnerabilities in the Oracle Solaris operating systems for over two years. Researchers from FireEye reported that a sophisticated threat actor, tracked as UNC1945, has…

APT trends report Q3 2020
Kaspersky Lab – Nov 03 2020 10:00

Learn About SQL Injection Attacks
Medium Cybersecurity – RSS – Nov 03 2020 17:47

Two Charged in SIM Swapping, Vishing Scams
Krebs on Security – Nov 03 2020 18:30
Two young men from the eastern United States have been hit with identity theft and conspiracy charges for allegedly stealing bitcoin and social media accounts by tricking employees at wireless phone companies into giving away credentials needed to…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
