Cyber Alert – 06 August 2020
|Heat – Trending Malware and Threat Actors
|Name | Heat 1 | Heat 7 | Vol 1 | Vol 7
|Maze Ransomware | 25 | 44
|WastedLocker | 16 | 101
|Carbanak | 5 | 10
|FonixCrypter | 4 | 4
|Zloader Malware | 3 | 6
|Skidmap Malware | 2 | 2
|Winnti Trojan | 2 | 2
|Bart Ransomware | 2 | 3
|TA2101 | 2 | 8
|LockBit Ransomware | 2 | 10
|Data Breaches
|troyhunt – Consumer Data Exposed in Telemarketing Adviser Breach https://t.co/FG7ek7CYk4
|troyhunt – Twitter – Aug 05 2020 20:46
|Consumer Data Exposed in Telemarketing Adviser Breach https://www.bankinfosecurity.com/us-consumer-data-exposed-in-telemarketing-breach-a-14735
|Securityblog – RT @troyhunt: Consumer Data Exposed in Telemarketing Adviser Breach https://t.co/FG7ek7CYk4
|Securityblog – Twitter – Aug 05 2020 20:48
|RT @troyhunt: Consumer Data Exposed in Telemarketing Adviser Breach https://www.bankinfosecurity.com/us-consumer-data-exposed-in-telemarketing-breach-a-14735
|Security flaw in Twitter Android app might have exposed Direct Messages
|MalwareTips.com – Aug 05 2020 18:35
|Twitter acknowledged today that there was a security vulnerability in its Android…
|Secnewsbytes – FBI: Networks exposed to attacks due to Windows 7 end of life https://t.co/EKoADz5LFG
|Secnewsbytes – Twitter – Aug 05 2020 07:25
|FBI: Networks exposed to attacks due to Windows 7 end of life https://www.bleepingcomputer.com/news/security/fbi-networks-exposed-to-attacks-due-to-windows-7-end-of-life/
|Hacker Groups
|DrunkBinary – RT @stvemillertime: This is cool. A Oilrig/APT34 developer has been using DNS A and TXT records in their malware ecosystem dating back at l…
|DrunkBinary – Twitter – Aug 05 2020 13:14
|RT @stvemillertime: This is cool. A Oilrig/APT34 developer has been using DNS A and TXT records in their malware ecosystem dating back at least to 2017, so an easy adoption of DoH makes sense as it may easily work or integrate w/ the existing network…
|grecs – RT @taosecurity: This is what those in the biz call a two-fer. First, APT34 takes advantage of a centralized, privacy-stealing protocol, Do…
|grecs – Twitter – Aug 05 2020 23:57
|RT @taosecurity: This is what those in the biz call a two-fer. First, APT34 takes advantage of a centralized, privacy-stealing protocol, DoH, to abuse its victims. Second, APT34 stops using custom C2 tools and replaces them with an open source tool…
|Iranian APT Oilrig becomes the first group to weaponize DNS-over-HTTPS
|CERT-EU – Latest Articles Ongoing Threats – RSS – Aug 05 2020 13:14
|Iranian cybercriminal group Oilrig (also known as APT34) became the first APT to use DNS-over-HTTPS (DoH) protocol in their attacks to exfiltrate data from compromised networks. Vicente Diaz, a malware analyst for antivirus maker Kaspersky, told in a…
|cybersecboardrm – US govt agencies share details of the China-linked espionage malware Taidoor #Cybersecurity #security https://t.co/nKB2uZfyUQ
|cybersecboardrm – Twitter – Aug 06 2020 02:52
|US govt agencies share details of the China-linked espionage malware Taidoor #Cybersecurity #security…
|Vulnerabilities
|CVE-2020-15132
|CERT-EU VulnerabilitiesApplications – Aug 05 2020 22:46
|Description. In Sulu before versions 1.6.35, 2.0.10, and 2.1.1, when the "Forget password" feature on the login screen is used, Sulu asks the user for a username or email address. If the given string is not found, a response with a `400` error code…
|CVEnew – CVE-2020-14347 A flaw was found in the way xserver memory was not properly initialized. This could leak parts of se… https://t.co/JWYEdoyZhq
|CVEnew – Twitter – Aug 05 2020 14:45
|CVE-2020-14347 A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could result in possible ASLR bypass….
|A Flaw Used by Stuxnet Wasn’t Fully Fixed
|BankInfoSecurity – Aug 05 2020 13:44
|Black Hat Conference Research Spots Windows Print Spooler…
|Twitter Fixes High-Severity Flaw Affecting Android Users
|Threatpost.com – Aug 05 2020 21:36
|A vulnerability in Twitter for Android could have allowed attackers to access private direct messages (DMs) and other data.
|Ongoing Campaigns
|Combat mobile phishing attacks targeting Financial Services with AI
|AlienVault Blogs – Aug 05 2020 11:00
|Phishing attacks are a common attack vector for financial services organizations. Effective and simple to launch, phishing attacks challenge financial firms to protect their mobile workforce and harden their customer-facing apps. Mobile…
