06 December 2020

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
LockBit Ransomware 4 4
Sekhmet Ransomware 4 5
Conti Ransomware 4 28
RansomExx Ransomware 5 5
PowerPepper 3 31
Egregor Ransomware 7 61
Maze Ransomware 4 22
DarkIRC 2 23
Powerkatz 1 1
Xorist Ransomware 1 1
Data Breaches
thinksnews – Top story: Data of 243 million Brazilians exposed online via website source code | ZDNet https://t.co/hObLjYFrhI, s… https://t.co/301LfB0ABdthinksnews – Twitter – Dec 05 2020 17:39Top story: Data of 243 million Brazilians exposed online via website source code | ZDNet https://www.zdnet.com/article/data-of-243-million-brazilians-exposed-online-via-website-source-code/, see more http://tweetedtimes.com/thinksnews?s=tnp
ZDNet – Data of 243 million Brazilians exposed online via website source code https://t.co/1COOhqGG1GZDNet – Twitter – Dec 05 2020 14:00Data of 243 million Brazilians exposed online via website source code…
Securityblog – RT @vivekramac: Worrisome to hear Docker API endpoints are routinely exposed. It’s so easy to create a self-sustaining Docker “container wo…Securityblog – Twitter – Dec 05 2020 21:54RT @vivekramac: Worrisome to hear Docker API endpoints are routinely exposed. It's so easy to create a self-sustaining Docker "container worm" leveraging these. Here is how –
securityaffairs – Hundreds of millions of #Android users exposed to hack due to CVE-2020-8913
https://t.co/WwITHaGc3q
#securityaffairs #hacking #malware
securityaffairs – Twitter – Dec 05 2020 10:41Hundreds of millions of #Android users exposed to hack due to CVE-2020-8913

Hundreds of millions of Android users exposed to hack due to CVE-2020-8913


#securityaffairs #hacking #malware

Hacker Groups
Chat Digest – Black Shadow 2020/12/06 04:40 – 04:40 UTC“Black Shadow” – Telegram – Dec 06 2020 04:40[04:40] : These are some of messages who want to buy data , if we do not come to an agreement with shirbit , we would start selling data at 9:00 AM.
Cyber mercenaries group DeathStalker uses a new backdoorSecurity Affairs – Dec 05 2020 13:13The group of cyber mercenaries tracked as DeathStalker has been using a new PowerShell backdoor in recent attacks. The cyber mercenaries group known as …
anon_indonesia – The Anonymous Indonesia News Daily is out! https://t.co/pG0CbFXMre Stories via @Cyber_War_News #jakpostanon_indonesia – Twitter – Dec 06 2020 03:14The Anonymous Indonesia News Daily is out! https://paper.li/anon_indonesia/1435572762?edition_id=30fb9bc0-3771-11eb-96dc-002590a5ba2d Stories via @Cyber_War_News #jakpost
Cybersecurity and Infrastructure Security Agency (CISA) & FederalBureau of Investigation – Advanced Persistent Threat Actors TargetingU.S. Think TanksTout sur la cybersociété, la cybersécurité, la cybercriminalité, la cyberdéfense, … – Dec 05 2020 06:36Cybersecurity and Infrastructure Security Agency (CISA) & Federal Bureau of Investigation – Advanced Persistent Threat Actors Targeting U.S. Think Tanks – 8 pages <…
Malware
A rough week in ransomware….Office of Inadequate Security – Dec 05 2020 14:39The following are just a few of the entities hit by ransomware attacks this week: USNR LLC is a manufacturing firm in…
Securityblog – RT @BleepinComputer: Egregor is the only ransomware operation to run a script after encrypting a device that print bombs ransom notes to av…Securityblog – Twitter – Dec 05 2020 22:18RT @BleepinComputer: Egregor is the only ransomware operation to run a script after encrypting a device that print bombs ransom notes to available…
Human resource consulting giant Randstad hit by Egregor ransomwareSecurity Affairs – Dec 05 2020 20:58Multinational human resource consulting firm Randstad NV announced that they were a victim of the Egregor ransomware. Egregor ransomware…
demonslay335 – @naz9716 @PolarToffee Haven’t specifically hunted one down yet. You see one Xorist, you see them all. 🙄demonslay335 – Twitter – Dec 05 2020 16:11@naz9716 @PolarToffee Haven't specifically hunted one down yet. You see one Xorist, you see them all. 🙄
Vulnerabilities
Google Play Source Code Flaw Makes Apps VulnerableBankInfoSecurity – Dec 05 2020 16:41Check Point: Apps Vulnerable to a Source Code Flaw in…
Securityblog – RT @DirectoryRanger: How I Hacked the Microsoft Outlook Android App and Found CVE-2019-1105.

https://t.co/ZeNzbYzK5JSecurityblog – Twitter – Dec 05 2020 22:17RT @DirectoryRanger: How I Hacked the Microsoft Outlook Android App and Found CVE-2019-1105.

https://www.f5.com/labs/articles/threat-intelligence/how-i-hacked-the-microsoft-outlook-android-app-and-found-cve-2019-1105

cybersecboardrm – DarkIRC botnet is targeting the critical Oracle WebLogic CVE-2020-14882 #Cybersecurity #security https://t.co/gzx3k7sbe2cybersecboardrm – Twitter – Dec 05 2020 20:57DarkIRC botnet is targeting the critical Oracle WebLogic CVE-2020-14882 #Cybersecurity #security…
securityaffairs – Recently disclosed CVE-2020-4006 #VMware #zeroday was reported by #NSA–
https://t.co/STeFva8noa
#securityaffairs #hacking #malware
securityaffairs – Twitter – Dec 05 2020 21:12Recently disclosed CVE-2020-4006 #VMware #zeroday was reported by #NSA–

Recently disclosed CVE-2020-4006 VMware zero-day was reported by NSA


#securityaffairs #hacking #malware

Ongoing Campaigns
Italy Says Two Arrested for Defense Data TheftSecurity Week – Dec 05 2020 16:17Two people have been arrested for stealing defense data from the Italian aerospace and electronics group Leonardo, the interior ministry said on Saturday. The company has a wide range of activities from naval electronics, network and protection…
The “LockBit” Ransomware Gang Hit Helicopter Manufacturer ‘Kopter’TechNadu – Dec 05 2020 11:03The Swiss helicopter maker that is now under Italian ownership got compromised by the LockBit group. The hackers claim that taking over one of the firm’s VPN accounts was fairly easy, as there was no 2FA. Kopter has not publicly admitted any…
COVID-19 – Johnson & Johnson saw a 30% uptick in cyber-attacksSecurity Affairs – Dec 05 2020 23:43Healthcare organizations like Johnson & Johnson are observing a surge of cyber attacks carried by state-sponsored hackers during COVID-19 pandemic. Nation-state actors are intensifying their attacks against organizations in the healthcare…
TripwireInc – How do multi-platform frameworks differ from standard malware attacks?

Gary Stevens looks at common ways malicious… https://t.co/iaEtodeS6iTripwireInc – Twitter – Dec 05 2020 22:00How do multi-platform frameworks differ from standard malware attacks?

Gary Stevens looks at common ways malicious hackers avoid detection and what you can do to protect your business against…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.

Silobreaker Daily Cyber Alert

Sign up for the latest news on data breaches, hacker groups, malware and vulnerabilities.

Silobreaker
This website uses cookies.
See our privacy policy at www.silobreaker.com/legal