Cyber Alert – 08 April 2020
Silobreaker’s Daily Cyber Alert is created and distributed automatically by using our award-winning intelligence product Silobreaker Online.
|Heat – Trending Malware and Threat Actors
|Name
|Heat 1
|Heat 7
|Vol 1
|Vol 7
|xHelper
|8
|8
|Anchor Malware
|3
|3
|Triada Trojan
|3
|3
|FIN6
|3
|5
|Raccoon Malware
|3
|6
|Cookiethief
|3
|3
|NN Hacking Group
|2
|2
|Zloader Malware
|2
|3
|Godlua Malware
|1
|1
|DELoader Malware
|1
|1
|Data Breaches
|Drug testing firm sends data breach alerts after ransomware attack
|BleepingComputer.com – Apr 07 2020 19:47
|Hammersmith Medicines Research LTD (HMR), a research company on standby to perform live trials of Coronavirus vaccines, has started emailing data breach notifications after having their data stolen and published in a ransomware attack. […]
|Email.it Data Breach Exposes 600,000 Users – Expert Commentary
|Information Security Buzz – Apr 07 2020 14:05
|It has been announced that the Italian email provider Email.it has been hacked, and now the data of more than 600,000 users is being sold on the dark web. …
|The inside scoop on insider threats
|SC Magazine US – Apr 07 2020 12:28
|Cybercriminals continue to develop new attack methods that pose a serious risk to enterprise security, but they are not the only threats enterprises need to defend against. Employees – whether well-meaning but careless or those with malicious…
|Stockdale Radiology Is Circulating Notices About a Data Breach
|TechNadu – Apr 07 2020 08:18
|A medical diagnostics center in California has suffered a ransomware attack that may have breached internal data. The accessible information concerns patient details, both PII and private medical data. The company claims that the hackers haven’t stolen…
|Hacker Groups
|ITG08 (aka FIN6) Partners With TrickBot Gang, Uses Anchor Framework
|Security Intelligence – Apr 07 2020 10:30
|The past two years have borne witness to the increasing collaboration between…
|Darkhotel exploits zero-day in VPN to attack China assets
|SC Magazine UK – Apr 07 2020 13:01
|North Korean hacking group accused of sophisticated campaign against global Chinese government interests. A series of attacks that exploit a zero-day vulnerability in a Chinese VPN provider called SangFor have been attributed to the DarkHotel APT by…
|Who is World Wired Labs and why are they selling an Android trojan?
|Cyberscoop – News – Apr 07 2020 20:02
|A company advertising a remote access tool frequently used by criminals and nation-state hackers may be serving as a front for a Chinese hacking group, according to new research published Tuesday by BlackBerry Cylance. In a lengthy …
|Italian email provider Email.it hacked, data of 600k users available for sale
|Security Affairs – Apr 07 2020 09:03
|A database stolen from the Italian email provider Email.it containing more than 600,000 users is available for sale on the dark web. The Italian email provider Email.it has been hacked, the company admitted…
|Malware
|Oil giant hacked by Maze ransomware group
|IT Security Guru – Apr 07 2020 10:05
|On April 1st, 2020, Berkine became a victim of a cyber-attack by the notorious Maze ransomware group that is known for its unique blackmailing practices. The attackers managed to steal the entire database containing over 500MB of confidential documents…
|Unkillable xHelper and a Trojan matryoshka
|Securelist – Apr 07 2020 09:16
|It was the middle of last year that we detected the start of mass attacks by the xHelper Trojan on Android smartphones, but even now the malware remains as active as ever. The main feature of xHelper is entrenchment — once it gets into the phone, it…
|FIN6 and TrickBot Combine Forces in ‘Anchor’ Attacks
|Threatpost.com – Apr 07 2020 16:57
|FIN6 fingerprints were spotted in recent cyberattacks that initially infected victims with the TrickBot trojan, and then eventually downloaded the Anchor backdoor malware.
|xHelper, the Unkillable Android malware that re-Installs after factory reset
|Security Affairs – Apr 07 2020 19:50
|xHelper, a new strain of Android malware, is able to re-install itself on infected devices even after victims delete it or force a factory reset. …
|Vulnerabilities
|Increase In Exploited Zero-Days Shows Broader Access To Vulnerabilities
|SecurityPhresh – Apr 07 2020 20:12
|The number of identified zero-day vulnerabilities being exploited has increased in 2019, revealing a broadened access to these security flaws, according to security firm FireEye.
|A critical flaw in 350,000 Microsoft Exchange remains unpatched
|IT Pro UK – Apr 07 2020 18:22
|Over 350,000 of all Microsoft Exchange servers may not have been patched against the CVE-2020-0688 post-auth remote code execution vulnerability impacting all supported Microsoft Exchange Server versions. The patch arrived in Microsoft's February 11…
|BrandPost: How to Prioritize Application Security Flaws
|CSO Magazine – Apr 07 2020 18:27
|Volume 10 of the Veracode “State of Software Security” report makes one fact abundantly clear: there’s no shortage of security flaws to be fixed in the applications we use every day. So many, in fact, that it’s virtually impossible to address them…
|Ubuntu Security Updates Released to Fix Denial of Service, Information Exposure
|Softpedia – Apr 07 2020 09:39
|Canonical has released new updates for Ubuntu to resolve multiple security vulnerabilities in various versions of the operating system, including 14.04, 16.04, 18.04, and 19.10. When exploited, the vulnerabilities can be used to cause a denial of…
|Ongoing Campaigns
Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.