Silobreaker


Cyber Alert – 05 June 2020

Silobreaker’s Daily Cyber Alert is created and distributed automatically by using our award-winning intelligence product Silobreaker Online.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
Goblin Panda 17 32
USBCulprit 14 25
Maze Ransomware 24 54
Mailto Ransomware 13 37
APT31 6 6
Higaisa 6 7
APT35 5 6
Ice Fog APT 4 4
URSNIF 5 15
PlugX Trojan 4 6
Data Breaches
troyhunt – RT @haveibeenpwned: New breach: Indian self-drive car rental company Zoomcar was breached in 2018 and had 3.5M records exposed then sold in…
troyhunt – Twitter – Jun 05 2020 03:03
InfoSecHotSpot – Cybercriminals exposed 5 billion records in 2019, costing U.S. organizations over $1.2 trillion Cybercriminals expo… https://t.co/WRbxiWjCqp
InfoSecHotSpot – Twitter – Jun 04 2020 08:58
Personal Data of 74,000 Members of San Francisco Retirement System Exposed
Infosecurity – Latest News – Jun 04 2020 14:15
A data breach has occurred at the San Francisco Employees’ Retirement System (SFERS), potentially exposing the personal details of…
thinksnews – Top story: Cybercriminals exposed 5 billion records in 2019, costing U.S. organizations over $1.2 trillion – Help N… https://t.co/1rmGHyhiee
thinksnews – Twitter – Jun 04 2020 10:09
Hacker Groups
bkMSFT – ZIRCONIUM (APT31) has been very very busy the past 45 days
bkMSFT – Twitter – Jun 04 2020 17:09
ak1010 – RT @bkMSFT: ZIRCONIUM (APT31) has been very very busy the past 45 days https://t.co/14hb2g17lH
ak1010 – Twitter – Jun 04 2020 18:52
Pawn Storm: new techniques drive 2019 patterns
IT-Online – Jun 04 2020 09:00
Pawn Storm, one of the most notorious global hacking groups, has been relying on increasingly sophisticated techniques to compromise organisational defences. By Indi Siriniwasa, vice-president of Trend Micro Sub-Saharan Africa From spear-phishing…
Hacking group Anonymous has returned for George Floyd protests – or has it?
Telegraph – Jun 05 2020 05:05
Some accounts claiming to be the anarchistic hacking organisation of the early 2000s have been unmasked as hoaxes A decade ago, a series of high-profile cyber attacks hit Paypal, Sony and Visa. The culprits, symbolised only by a Guy Fawkes mask,…
Malware
USBCulprit malware targets air-gapped systems to steal govt info
BleepingComputer.com – Jun 04 2020 13:43
The newly revealed USBCulprit malware is used by a group known as Cycldek, Conimes, or Goblin Panda and is designed for compromising air-gapped devices via USB. […]
Expert Reaction On DopplePaymer Ransomware Infected The Network Of One Of NASA’s IT Contractors
Information Security Buzz – Jun 04 2020 10:06
The operators of the DopplePaymer ransomware have congratulated SpaceX and NASA for their first human-operated rocket launch and then immediately announced that they infected the network of one of NASA’s IT contractors. In a blog post…
Nuclear missile contractor hacked in Maze ransomware attack
Naked Security – Sophos – Jun 04 2020 11:54
Attackers hacked and encrypted the computers of a contractor whose clients include the US military, government agencies and major military contractors.
NetWalker ransomware continues streak of college attacks
Office of Inadequate Security – Jun 05 2020 01:36
Benjamin Freed reports: A form of ransomware known as NetWalker added two more colleges to its list of victims Wednesday by…
Vulnerabilities
NA – CVE-2020-9292 – An unquoted service path vulnerability in the…
CERT-EU Vulnerabilities Applications – Jun 04 2020 15:55
An unquoted service path vulnerability in the FortiSIEM Windows Agent component may allow an attacker to gain elevated privileges via the AoWinAgt executable service path.
Security Bulletin: WebSphere Application Server is vulnerable to an information exposure vulnerability (CVE-2020-4449)
CERT-EU Vulnerabilities Applications – Jun 05 2020 01:21
WebSphere Application Server is vulnerable to an information exposure vulnerability. This has been addressed. Affected product(s) and affected version(s): IBM Product Security Vulnerabilities. See information about: IBM Security…
CVE-2020-11091
CERT-EU Vulnerabilities Applications – Jun 04 2020 06:25
In Weave Net before version 2.6.3, an attacker able to run a process as root in a container is able to respond to DNS requests from the host and thereby insert themselves as a fake service. In a cluster with an IPv4 internal network, if IPv6 is not…
CVE-2020-13768
CERT-EU Vulnerabilities Applications – Jun 05 2020 00:32
In MiniShare before 1.4.2, there is a stack-based buffer overflow via an HTTP PUT request, which allows an attacker to achieve arbitrary code execution, a similar issue to , and CVE-2019-17601. NOTE: this product is discontinued.
Ongoing Campaigns
Chinese Hackers Target Air-Gapped Systems With Custom USB Malware
Security Week – Jun 04 2020 15:28
For years, a China-linked threat actor named Cycldek has been exfiltrating data from air-gapped systems using a previously unreported, custom USB malware family, Kaspersky reports. Also referred to as Goblin Panda and Conimes, the hacking group has…
Chinese, Iranian phishing campaigns target Biden, Trump campaigns
SC Magazine US – Jun 04 2020 21:28
Joe Biden and Donald Trump’s campaigns may be worlds apart on issues and in style, but they share common cyber enemies, according to the Google Threat Analysis Group (TAG), which said both are the targets of phishing campaigns by nation-states like…
Ransomware group opens dark web auction house to sell stolen data
SC Magazine UK – Jun 04 2020 09:41
The REvil ransomware group has added a self-hosted online auction feature to its dark web presence. It uses stolen data as leverage when it comes to demanding the ransom is paid. Another month, another step in the evolution of the…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.

