Silobreaker

  daily cyber digest

Cyber Alert – 07 July 2020

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
Lazarus Group 24 25
Try2Cry Ransomware 8 24
Ragnar Locker 6 7
Magecart Group 10 18
Lampion 3 3
GhostCat-3PC Malware 3 3
EventBot 3 3
Bureau 121 2 2
Silent Chollima 2 2
Kupidon Ransomware 2 2
Data Breaches
Secnewsbytes – Data Breach: Millions of Dating App Records, Messages, and User Profiles Exposed in Data Leak https://t.co/LoPJIqyK1R
Secnewsbytes – Twitter – Jul 06 2020 07:56
Data Breach: Millions of Dating App Records, Messages, and User Profiles Exposed in Data Leak https://www.wizcase.com/blog/dating-breaches-research/
Dinosn – LinkedIn was copying every keystroke of users until iOS 14 exposed it https://t.co/lsWChLwZBj
Dinosn – Twitter – Jul 06 2020 06:45
LinkedIn was copying every keystroke of users until iOS 14 exposed it https://www.hackread.com/linkedin-copying-user-keystrokel-ios-14-exposed-it/
Brazil’s Hapvida Discloses Cyber Breach, Potential Client Data Leak
Office of Inadequate Security – Jul 06 2020 20:51
Reuters reports: Brazilian health insurer Hapvida said in a securities filing on Monday it has suffered a cyber attack…
Securityblog – Reddit promises to stop accessing user clipboards after being exposed by iOS 14 https://t.co/e3j0ggrL1H
Securityblog – Twitter – Jul 06 2020 20:48
Reddit promises to stop accessing user clipboards after being exposed by iOS 14 https://flip.it/IiWito
Hacker Groups
Lazarus Group Adds Magecart to the Mix
CyberSecurityBoard.com – RSS – Jul 07 2020 02:47
North Korea-based APT is targeting online payments made by American and European shoppers. …
ZDNet – Promethium APT attacks surge, new Trojanized installers uncovered https://t.co/0QBwcEv12q
ZDNet – Twitter – Jul 06 2020 08:15
Promethium APT attacks surge, new Trojanized installers uncovered…
ZDNet – Promethium APT attacks surge, new Trojanized installers uncovered https://t.co/UJe81o1qoN
ZDNet – Twitter – Jul 06 2020 12:30
Promethium APT attacks surge, new Trojanized installers uncovered…
Hidden Cobra built global exfiltration network for Magecart skimming scheme
SC Magazine US – Jul 06 2020 21:44
Hidden Cobra threat actors are behind a series of attacks aimed at U.S. and European shoppers, using Magecart to skim credit card information from retailers. “Researchers have attributed the activity to HIDDEN COBRA because infrastructure from…
Malware
schneierblog – ThiefQuest Ransomware for the Mac https://t.co/aYpGHDJl0A
schneierblog – Twitter – Jul 06 2020 12:15
ThiefQuest Ransomware for the Mac https://www.schneier.com/blog/archives/2020/07/thiefquest_rans.html
The latest ransomware: Kupidon ransomware
CERT-EU Vulnerabilities Applications – Jul 06 2020 15:14
The latest ransomware called Kupidon has been discovered by MalwareHunterTeam. The virus targets both personal and corporate networks to steal data from users, through exposed remote desktop servers. The research team identified this ransomware after…
Vulnerabilities
NA – CVE-2020-10760 – A use-after-free flaw was found in all samba…
CERT-EU Vulnerabilities Applications – Jul 06 2020 23:05
A use-after-free flaw was found in all samba LDAP server versions before 4.10.17, before 4.11.11, before 4.12.4 used in an AD DC configuration. A Samba LDAP user could use this flaw to crash samba.
NA – CVE-2019-14900 – A flaw was found in Hibernate ORM in versions…
CERT-EU Vulnerabilities Applications – Jul 06 2020 23:05
A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query…
CVEnew – CVE-2020-10760 A use-after-free flaw was found in all samba LDAP server versions before 4.10.17, before 4.11.11, be… https://t.co/jgBh4pM9fZ
CVEnew – Twitter – Jul 06 2020 18:45
CVE-2020-10760 A use-after-free flaw was found in all samba LDAP server versions before 4.10.17, before 4.11.11, before 4.12.4 used in an AD DC configuration. A Samba LDAP user could use this flaw to crash samba…
CVEnew – CVE-2020-14303 A flaw was found in the AD DC NBT server in all Samba versions before 4.10.17, before 4.11.11 and be… https://t.co/jgaDYaYxpe
CVEnew – Twitter – Jul 06 2020 18:45
CVE-2020-14303 A flaw was found in the AD DC NBT server in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4. A samba user could send an empty UDP packet to cause the samba server to crash…
Ongoing Campaigns
Android Malware, FakeSpy Spying on Users’ Banking Information Acting as Postal Services
E Hacking News – Jul 07 2020 04:32
A new Android malware, FakeSpy, that can potentially steal an individual's banking details, read contact lists, application, and account information along with other personal data, is seen to be spreading across the globe. Earlier, the Android malware…

