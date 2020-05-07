Cyber Alert – 07 May 2020
|Heat – Trending Malware and Threat Actors
|Name
|Heat 1
|Heat 7
|Vol 1
|Vol 7
|InfinityBlack
|6
|10
|Dacls RAT
|4
|4
|Kaiji Malware
|4
|11
|Lazarus Group
|4
|6
|SNAKE Ransomware
|3
|3
|Nemty Ransomware
|4
|8
|LockBit Ransomware
|3
|8
|Nefilim Ransomware
|3
|7
|APT28
|3
|5
|Anka Neferler Tim
|2
|2
|Data Breaches
|Two Popular VPNs Exposed Users to Attacks Via Fake Updates
|Security Week – May 06 2020 13:06
|Researchers analyzed some of the most popular VPNs and discovered that two of them were affected by vulnerabilities that could be exploited to hack users’ devices. VPNpro, a company that specializes in analyzing and comparing VPN services, analyzed…
|Roblox breached; Worker bribed
|MalwareTips.com – May 06 2020 17:42
|A hacker bribed a Roblox worker to gain access to the back end customer support panel of the massively popular online video game, giving them the ability to lookup personal information on over 100 million active monthly users and grant virtual…
|Firefox 76 Brings Security Patches, Breached Password Alerts
|SecurityWeek RSS Feed – May 06 2020 13:41
|Mozilla this week released Firefox 76 to the stable channel with an updated password manager, alerts for breached passwords, and patches for 11 vulnerabilities. Starting with the new release, the browser aims to help users…
|CVE-2020-10732 kernel: uninitialized kernel data leak in userspace coredumps
|Open Source Security – May 06 2020 05:13
|Posted by Wade Mealing on May 05 Gday, A potential info leak of kernel private memory to userspace was found in the kernel's implementation of core dumping userspace processes. An area of memory was allocated from free memory without being…
|Hacker Groups
|Suspected InfinityBlack Hackers Arrested
|BankInfoSecurity – May 06 2020 13:45
|Cybercriminals Had Access to Millions of User…
|US and UK Cyber Security Agencies Warn of APT Attacks against Healthcare Organizations
|Security Bloggers Network – May 06 2020 15:54
|An advisory from the US Department of Homeland Security (DHS)…
|Lazarus Group Hides macOS Spyware in 2FA Application
|Threatpost.com – May 06 2020 21:10
|The Dacls RAT has been ported from an existing Linux version.
|Russian a Suspect in German Parliament Hack: Report
|Data Breach Today – May 06 2020 19:53
|Alleged GRU Agent Charged Earlier in Connection With U.S. Election Interference Ishita Chigilli Palli (Ishita_CP) • May 6, 2020 The German Parliament building German prosecutors now believe that an alleged Russian hacker who apparently is a member of an…
|Malware
|New Ransomware for Hire: LockBit
|Cyware – May 06 2020 07:24
|It would be safe to state that ransomware is one of the most crucial threats facing global organizations. Ransomware has switched from mass malspam campaigns to artisanal attacks on organizations . What is LockBit? LockBit is a relatively new strain…
|Top 6 malware strains to watch out for in 2020
|Security Bloggers Network – May 06 2020 13:02
|Introduction: The upsurge of malware Malware is a favorite way for cybercriminals to launch attacks. A number of malware types have made the news as responsible for data theft and high-profile… Go on to the site to read the full…
|Clop Ransomware Also Follows the Trend – Leaks Data After Failed Ransom Attempt
|Cyware – May 06 2020 14:47
|Clop ransomware operators were seen leaking stolen data publicly on the internet, after a failed ransom negotiation with the the targeted company. What happened Clop ransomware leaked files stolen from US pharmaceutical company ExecuPharm. On March…
|Large scale Snake Ransomware campaign targets healthcare, more
|BleepingComputer.com – May 06 2020 19:20
|The operators of the Snake Ransomware have launched a worldwide campaign of cyberattacks that have infected numerous businesses and at least one health care organization over the last few days. […]
|Vulnerabilities
|Software vulnerabilities sometimes first announced on social media
|Help Net Security – News – May 07 2020 04:00
|Software vulnerabilities are more likely to be discussed on social media before they’re revealed on a government reporting site, a practice that could pose a national security threat, according to computer scientists at the U.S. Department…
|Security Flaws in the “Aarogya Setu” App Put 90 Million Indians at Risk
|TechNadu – May 06 2020 12:02
|A French researcher has found a couple of privacy and security flaws in the Aarogya Setu app. The app’s team responded by saying these are features and not bugs, so nothing is wrong or at risk. Using the app is enforced in India, despite the massive…
|Thinking Beyond Cybersecurity Vulnerability Assessments: What’s Next?
|Security Bloggers Network – May 06 2020 12:36
|Having vulnerabilities isn’t always a bad thing. In personal interactions, for instance, being vulnerable can lead to deeper, more meaningful relationships. But we’re not talking psychology today. We’re talking…
|Cisco Firepower Threat Defense Software Management Access List Bypass Vulnerability
|Cisco Security Advisory – May 06 2020 16:12
|A vulnerability in the management access list configuration of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured management interface access list on an affected system. …
|Ongoing Campaigns
|Kaiji Botnet Targets Linux Servers, IoT Devices
|Bank Info Security – May 06 2020 16:25
|Researchers: Malware Is Capable of Launching DDoS Attacks Apurva Venkat (VenkatApurva) • May 6, 2020 Kaiji, a newly discovered botnet, is compromising Linux servers and IoT devices using brute-force methods that target the SSH protocol, according to…
|DDoS attacks in Q1 2020
|Securelist – May 06 2020 10:02
|News overview Since the beginning of 2020, due to the COVID-2019 pandemic, life has shifted almost entirely to the Web — people worldwide are now working, studying, shopping, and having fun online like never before. This is reflected in the goals of…
|Coinminer, DDoS Bot Attack Docker Daemon Ports 5/6/20 12:00 PM
|Trend Micro – May 06 2020 10:43
|Insights and Analysis by Augusto Remillano II and Jemimah Molina Researchers found an open directory containing malicious files, which was first reported in a series of Twitter posts by MalwareHunter Team. Analyzing some of the files, we found a…
