This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
LokiBot Trojan 31 36
Evilnum 15 28
BetaBot 12 13
PyVil RAT 10 24
Evilnum Group 10 26
TA505 11 22
Thanos Ransomware 7 7
GraceWire Malware 4 9
SunCrypt Ransomware 5 9
PwndLocker 3 4
Data Breaches
US cell carrier Assist Wireless exposed thousands of customer IDs
Seclists.org – Data LossSep 04 2020 14:33
Posted by Destry Winant on Sep 04 https://techcrunch.com/2020/09/02/assist-wireless-customer-data-exposed/ U.S. cell carrier Assist Wireless left tens of thousands of personal customer documents on its website by mistake. Assist provides free…
troyhunt – @evildagmar Only if the private key is exposed, that’s the whole point of encryption
troyhunt – TwitterSep 04 2020 21:19
@evildagmar Only if the private key is exposed, that’s the whole point of encryption
Fundraising Page For Salon Owner Who Exposed Pelosi Raises $140,000 In Just Two Days
SecurityPhreshSep 05 2020 03:10
A fundraising campaign set up on behalf of the owner of the San Francisco salon at the centre of a controversy with house speaker Nancy Pelosi has raised more than $140,000 (106,150) in just two days.The GoFundMe page, that describes itself as the…
Warner Music Group Admits Breach
Dark Reading:Sep 04 2020 17:30
The months-long breach hit financial details for customers.
Hacker Groups
FBI examined Google records to see if anyone had knowledge of Guccifer persona
Hacker NewsSep 04 2020 21:48
Comments
Evilnum APT used Python-based RAT PyVil in recent attacks
TerabitWeb Blog – RSSSep 04 2020 06:41
Original Post from Security Affairs Author: Pierluigi Paganini The Evilnum APT group has added a…
g0tmi1k – RT @Securelist: Part two of our deep-dive into the Transparent Tribe group, also known as PROJECTM or MYTHIC LEOPARD – including a look at…
g0tmi1k – TwitterSep 04 2020 20:19
RT @Securelist: Part two of our deep-dive into the Transparent Tribe group, also known as PROJECTM or MYTHIC LEOPARD – including a look at the #Android implant.

Full report 👇…

Jan0fficial – @Kostastsale @ffforward @MsftSecIntel also this “tracking of dudear operations”
it’s TA505’s operations.. not dudea… https://t.co/lu3QaoYqjb
Jan0fficial – TwitterSep 04 2020 20:19
@Kostastsale @ffforward @MsftSecIntel also this "tracking of dudear operations"
it's TA505's operations.. not dudear..
you can say "tracking of dudear campaign, a TAxyz operation" https://twitter.com/Jan0fficial/status/1301978183655456768/photo/1
Malware
Expert Reaction On Apple Approves OSX.Shlayer Malware
Information Security BuzzSep 04 2020 18:54
Following this week’s  news,  that Apple accidentally approved one of the most popular Mac malware threats, OSX.Shlayer, as part of its security notarisation process, please see below for a comment from cybersecurity expert,  Kaspersky .
SunCrypt Ransomware shuts down North Carolina school district
BleepingComputer.comSep 04 2020 19:03
A school district in North Carolina has suffered a data breach after having unencrypted files stolen during an attack by the SunCrypt Ransomware operators, BleepingComputer has discovered. […]
‘NetWalker’ ransomware explodes thanks to ‘as a service’ expansion
IT Pro UKSep 04 2020 09:26
A ransomware  group known as 'NetWalker' has been linked with a spate of attacks on businesses, after pivoting to a 'ransomware as a service' (RaaS) model, with the group offering its tools for sale over the dark web. While the malware has been…
No Rest For The Wicked: Evilnum Unleashes PyVil RAT
DataBreaches.netSep 04 2020 10:45
Research by: Tom Fakterman Over the course of the last few months, the Cybereason Nocturnus team has been investigating the activity of the Evilnum group. The group first emerged in 2018, and since then, Evilnum’s activity has been varied,…
Vulnerabilities
Re: CVE-2020-14386: Linux kernel: af_packet.c vulnerability
Open Source SecuritySep 04 2020 07:37
Posted by Solar Designer on Sep 04 In the proposed patch you have: Fixes: 8913336a7e8d ("packet: add PACKET_RESERVE sockopt") That commit was in July 2008. While this is technically correct, it can be misleading, so I am posting the below…
Security Flaws & Fixes – W/E – 9/4/20
Tech-Wreck InfoSec BlogSep 04 2020 13:01
 Bug Bounty Awarded for ID of Slack Desktop Flaw (08/31/2020) Slack patched a critical remote code execution vulnerability that could enable an attacker to execute arbitrary code in the…
Expert On Study Finds Serious Problems With Vulnerability Management
Information Security BuzzSep 04 2020 19:54
The majority of IT departments are underestimating the maturity of their vulnerability remediation programs by a wide margin, according to a study from Vulcan Cyber. The company said it was surprised that most organizations think that they are much…
Full Disclosure – Telnet Hardcoded credentials – CVE-2018-20432
Seclists.org – Full DisclosureSep 04 2020 16:32
Posted by CSW Research Lab on Sep 04 *Title*: Telnet Hardcoded Credentials *Summary*: The latest versions of the firmware have hardcoded default credentials that can be exploited by an unauthenticated attacker to gain privileged access to the…
Ongoing Campaigns
DoS and DDoS Attacks against Multiple Sectors
Kashif AliSep 04 2020 16:28
Original release date: September 4, 2020 The Cybersecurity and Infrastructure Security Agency (CISA) is aware of open-source reporting of targeted denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks against finance and business…
DDoS Attacks on Virtual Education Rise 350%
Infosecurity – Latest NewsSep 04 2020 16:05
DDoS Attacks on Virtual Education Rise 350% Distributed denial of service (DDoS) attacks against online educational resources are over three times more prevalent in 2020 than they were last year, according to new research by …
Chinese APT TA413 Found Distributing Sepulcher Malware
CywareSep 04 2020 18:24
The current threat landscape is heavily focused on pandemic-themed social engineering lures. A not-so groundbreaking spyware Recently, Proofpoint researchers released an analysis report of a remote access trojan (RAT) dubbed Sepulcher….
BEC Attack Payments Are on the Rise, Report Finds
Security Bloggers NetworkSep 04 2020 07:15

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
LokiBot Trojan 31 36
Evilnum 15 28
BetaBot 12 13
PyVil RAT 10 24
Evilnum Group 10 26
TA505 11 22
Thanos Ransomware 7 7
GraceWire Malware 4 9
SunCrypt Ransomware 5 9
PwndLocker 3 4
Data Breaches
US cell carrier Assist Wireless exposed thousands of customer IDs
Seclists.org – Data LossSep 04 2020 14:33
Posted by Destry Winant on Sep 04 https://techcrunch.com/2020/09/02/assist-wireless-customer-data-exposed/ U.S. cell carrier Assist Wireless left tens of thousands of personal customer documents on its website by mistake. Assist provides free…
troyhunt – @evildagmar Only if the private key is exposed, that’s the whole point of encryption
troyhunt – TwitterSep 04 2020 21:19
@evildagmar Only if the private key is exposed, that’s the whole point of encryption
Fundraising Page For Salon Owner Who Exposed Pelosi Raises $140,000 In Just Two Days
SecurityPhreshSep 05 2020 03:10
A fundraising campaign set up on behalf of the owner of the San Francisco salon at the centre of a controversy with house speaker Nancy Pelosi has raised more than $140,000 (106,150) in just two days.The GoFundMe page, that describes itself as the…
Warner Music Group Admits Breach
Dark Reading:Sep 04 2020 17:30
The months-long breach hit financial details for customers.
Hacker Groups
FBI examined Google records to see if anyone had knowledge of Guccifer persona
Hacker NewsSep 04 2020 21:48
Comments
Evilnum APT used Python-based RAT PyVil in recent attacks
TerabitWeb Blog – RSSSep 04 2020 06:41
Original Post from Security Affairs Author: Pierluigi Paganini The Evilnum APT group has added a…
g0tmi1k – RT @Securelist: Part two of our deep-dive into the Transparent Tribe group, also known as PROJECTM or MYTHIC LEOPARD – including a look at…
g0tmi1k – TwitterSep 04 2020 20:19
RT @Securelist: Part two of our deep-dive into the Transparent Tribe group, also known as PROJECTM or MYTHIC LEOPARD – including a look at the #Android implant.

Full report 👇…

Jan0fficial – @Kostastsale @ffforward @MsftSecIntel also this “tracking of dudear operations”
it’s TA505’s operations.. not dudea… https://t.co/lu3QaoYqjb
Jan0fficial – TwitterSep 04 2020 20:19
@Kostastsale @ffforward @MsftSecIntel also this "tracking of dudear operations"
it's TA505's operations.. not dudear..
you can say "tracking of dudear campaign, a TAxyz operation" https://twitter.com/Jan0fficial/status/1301978183655456768/photo/1
Malware
Expert Reaction On Apple Approves OSX.Shlayer Malware
Information Security BuzzSep 04 2020 18:54
Following this week’s  news,  that Apple accidentally approved one of the most popular Mac malware threats, OSX.Shlayer, as part of its security notarisation process, please see below for a comment from cybersecurity expert,  Kaspersky .
SunCrypt Ransomware shuts down North Carolina school district
BleepingComputer.comSep 04 2020 19:03
A school district in North Carolina has suffered a data breach after having unencrypted files stolen during an attack by the SunCrypt Ransomware operators, BleepingComputer has discovered. […]
‘NetWalker’ ransomware explodes thanks to ‘as a service’ expansion
IT Pro UKSep 04 2020 09:26
A ransomware  group known as 'NetWalker' has been linked with a spate of attacks on businesses, after pivoting to a 'ransomware as a service' (RaaS) model, with the group offering its tools for sale over the dark web. While the malware has been…
No Rest For The Wicked: Evilnum Unleashes PyVil RAT
DataBreaches.netSep 04 2020 10:45
Research by: Tom Fakterman Over the course of the last few months, the Cybereason Nocturnus team has been investigating the activity of the Evilnum group. The group first emerged in 2018, and since then, Evilnum’s activity has been varied,…
Vulnerabilities
Re: CVE-2020-14386: Linux kernel: af_packet.c vulnerability
Open Source SecuritySep 04 2020 07:37
Posted by Solar Designer on Sep 04 In the proposed patch you have: Fixes: 8913336a7e8d ("packet: add PACKET_RESERVE sockopt") That commit was in July 2008. While this is technically correct, it can be misleading, so I am posting the below…
Security Flaws & Fixes – W/E – 9/4/20
Tech-Wreck InfoSec BlogSep 04 2020 13:01
 Bug Bounty Awarded for ID of Slack Desktop Flaw (08/31/2020) Slack patched a critical remote code execution vulnerability that could enable an attacker to execute arbitrary code in the…
Expert On Study Finds Serious Problems With Vulnerability Management
Information Security BuzzSep 04 2020 19:54
The majority of IT departments are underestimating the maturity of their vulnerability remediation programs by a wide margin, according to a study from Vulcan Cyber. The company said it was surprised that most organizations think that they are much…
Full Disclosure – Telnet Hardcoded credentials – CVE-2018-20432
Seclists.org – Full DisclosureSep 04 2020 16:32
Posted by CSW Research Lab on Sep 04 *Title*: Telnet Hardcoded Credentials *Summary*: The latest versions of the firmware have hardcoded default credentials that can be exploited by an unauthenticated attacker to gain privileged access to the…
Ongoing Campaigns
DoS and DDoS Attacks against Multiple Sectors
Kashif AliSep 04 2020 16:28
Original release date: September 4, 2020 The Cybersecurity and Infrastructure Security Agency (CISA) is aware of open-source reporting of targeted denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks against finance and business…
DDoS Attacks on Virtual Education Rise 350%
Infosecurity – Latest NewsSep 04 2020 16:05
DDoS Attacks on Virtual Education Rise 350% Distributed denial of service (DDoS) attacks against online educational resources are over three times more prevalent in 2020 than they were last year, according to new research by …
Chinese APT TA413 Found Distributing Sepulcher Malware
CywareSep 04 2020 18:24
The current threat landscape is heavily focused on pandemic-themed social engineering lures. A not-so groundbreaking spyware Recently, Proofpoint researchers released an analysis report of a remote access trojan (RAT) dubbed Sepulcher….
BEC Attack Payments Are on the Rise, Report Finds
Security Bloggers NetworkSep 04 2020 07:15

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.

This website uses cookies.
See our privacy policy at www.silobreaker.com/legal