Cyber Alert – 07 July 2020
This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact productinfo[at]silobreaker[dot]com for more information.
|Heat – Trending Malware and Threat Actors
|Name |Heat 1 |Heat 7 |Vol 1 |Vol 7
|Lazarus Group |24 |25
|Try2Cry Ransomware |8 |24
|Ragnar Locker |6 |7
|Magecart Group |10 |18
|Lampion |3 |3
|GhostCat-3PC Malware |3 |3
|EventBot |3 |3
|Bureau 121 |2 |2
|Silent Chollima |2 |2
|Kupidon Ransomware |2 |2
|Hacker Groups
|Lazarus Group Adds Magecart to the Mix
|CyberSecurityBoard.com – RSS – Jul 07 2020 02:47
|North Korea-based APT is targeting online payments made by American and European shoppers. … …
|ZDNet – Promethium APT attacks surge, new Trojanized installers uncovered https://t.co/0QBwcEv12q
|ZDNet – Twitter – Jul 06 2020 08:15
|Promethium APT attacks surge, new Trojanized installers uncovered…
|ZDNet – Promethium APT attacks surge, new Trojanized installers uncovered https://t.co/UJe81o1qoN
|ZDNet – Twitter – Jul 06 2020 12:30
|Promethium APT attacks surge, new Trojanized installers uncovered…
|Hidden Cobra built global exfiltration network for Magecart skimming scheme
|SC Magazine US – Jul 06 2020 21:44
|Hidden Cobra threat actors are behind a series of attacks aimed at U.S. and European shoppers, using Magecart to skim credit card information from retailers. “Researchers have attributed the activity to HIDDEN COBRA because infrastructure from…
|Malware
|schneierblog – ThiefQuest Ransomware for the Mac https://t.co/aYpGHDJl0A
|schneierblog – Twitter – Jul 06 2020 12:15
|ThiefQuest Ransomware for the Mac https://www.schneier.com/blog/archives/2020/07/thiefquest_rans.html
|The latest ransomware: Kupidon ransomware
|CERT-EU VulnerabilitiesApplications – Jul 06 2020 15:14
|The latest ransomware called Kupidon has been discovered by MalwareHunterTeam. The virus targets both personal and corporate networks to steal data from users, through exposed remote desktop servers. The research team identified this ransomware after…
|Vulnerabilities
|NA – CVE-2020-10760 – A use-after-free flaw was found in all samba…
|CERT-EU VulnerabilitiesApplications – Jul 06 2020 23:05
|A use-after-free flaw was found in all samba LDAP server versions before 4.10.17, before 4.11.11, before 4.12.4 used in an AC DC configuration. A Samba LDAP user could use this flaw to crash samba.
|NA – CVE-2019-14900 – A flaw was found in Hibernate ORM in versions…
|CERT-EU VulnerabilitiesApplications – Jul 06 2020 23:05
|A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query….
|CVEnew – CVE-2020-10760 A use-after-free flaw was found in all samba LDAP server versions before 4.10.17, before 4.11.11, be… https://t.co/jgBh4pM9fZ
|CVEnew – Twitter – Jul 06 2020 18:45
|CVE-2020-10760 A use-after-free flaw was found in all samba LDAP server versions before 4.10.17, before 4.11.11, before 4.12.4 used in an AC DC configuration. A Samba LDAP user could use this flaw to crash samba….
|CVEnew – CVE-2020-14303 A flaw was found in the AD DC NBT server in all Samba versions before 4.10.17, before 4.11.11 and be… https://t.co/jgaDYaYxpe
|CVEnew – Twitter – Jul 06 2020 18:45
|CVE-2020-14303 A flaw was found in the AD DC NBT server in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4. A samba user could send an empty UDP packet to cause the samba server to crash….
|Ongoing Campaigns
|Android Malware, FakeSpy Spying on Users’ Banking Information Acting as Postal Services
|E Hacking News – Jul 07 2020 04:32
|A new Android malware, FakeSpy that can potentially steal an individual's banking details, read contact lists, application, and account information along with other personal data, is seen to be spreading across the globe. Earlier, the Android malware…
Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.