Silobreaker

Cyber Alert – 08 May 2020

Silobreaker’s Daily Cyber Alert is created and distributed automatically by using our award-winning intelligence product Silobreaker Online.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
APT30 8 8
Lazarus Group 8 12
Dacls RAT 6 10
SNAKE Ransomware 5 8
Shiny Hunters 3 3
RoyalRoad 3 3
SilverTerrier 3 3
IcedID Trojan 3 4
Bloodhound Malware 3 4
Stuxnet 3 3
Data Breaches
Issues in Elementor Pro and Ultimate Addons for Elementor exposed 1 Million WordPress sites at risk
Security Affairs May 07 2020 22:58
Attackers exploited two security issues in the Elementor Pro and Ultimate Addons for Elementor WordPress plugins to fully compromise over 1M sites. Hackers are actively exploiting two security flaws in the Elementor Pro and Ultimate Addons for…
Hackers claim to breach Microsoft’s GitHub account; steal 500GB of data
HackRead May 07 2020 19:52
Breached Organization uses Network Insight to Pinpoint Source of Infection
Security Bloggers Network May 07 2020 16:52
Hacker Groups
Police nab InfinityBlack hackers
Naked Security – Sophos May 07 2020 08:46
Five alleged members of hacking group InfinityBlack got some unexpected visitors last week when Polish law enforcement arrested them.
APT Groups Target Healthcare and Essential Services
Office of Inadequate Security May 07 2020 12:40
May 6, 2020 APT Groups Target Healthcare and Essential Services National Cyber Awareness System: AA20-126A: APT Groups…
SilverTerrier: New COVID-19 Themed Business Email Compromise Schemes
Unit 42 – Palo Alto Networks Blog May 07 2020 10:00
A series of COVID-19 themed malware campaigns from the SilverTerrier group was blocked by Unit 42. 170+ phishing emails produced, with some targeting government healthcare agencies.
Chinese spies hop from one hacked government network to another in Asia Pacific, researchers say
Cyberscoop – News May 07 2020 18:54
Nearly five years ago, researchers unmasked a Chinese hacking group, pinpointing the unit of the People’s Liberation Army that was allegedly sponsoring it. The so-called Naikon group was key to China’s spying efforts in the South China Sea,…
Malware
Starslord 2.0 malware: What it is, how it works and how to prevent it | Malware spotlight
Security Bloggers Network May 07 2020 13:00
Introduction The sLoad malware was discovered for the first time in 2018. It delivers various Trojans to the infected computers, including but not limited to the banking Trojans Ramnit, Gootkit and…
2020-05-07 – Some recent Qakbot stuff
Malware-Traffic-Analysis.net – Blog Entries May 07 2020 19:23
Attackers Try to Deploy Remcos Malware with COVID-19-related Messages
HOTforSecurity May 07 2020 15:59
New Kaiji Botnet Malware Targets IoT, But ‘New’ Doesn’t Mean ‘Undetectable’
Security Bloggers Network May 07 2020 15:21
Vulnerabilities
Cisco Patches Multiple Flaws in Adaptive Security Appliance and Firepower Threat Defense (CVE-2020-3187)
Tenable Blog May 08 2020 01:22
Cisco releases a bundled publication to address 12 vulnerabilities across Adaptive Security Appliance (ASA), Firepower Threat Defense (FTD) and Firepower Management Center (FMC), including a critical path traversal…
CVE-2020-0792: How a Deceptive Assert Caused a Critical Windows Kernel Vulnerability
Reverse Engineering May 07 2020 16:38
submitted by /u/RedmondSecGnome
Cisco Fixes High-Severity Flaws In Firepower Security Software, ASA
Threatpost.com May 07 2020 18:43
Cisco has fixed 12 high-severity flaws in its Adaptive Security Appliance software and Firepower Threat Defense software.
Critical Flaw in CODESYS Industrial Controller Software Allows Code Execution
Security Week May 07 2020 19:06
Cisco’s Talos threat intelligence and research group revealed on Wednesday that one of its researchers discovered a critical remote code execution vulnerability in the CODESYS Control SoftPLC industrial controller software. CODESYS Control SoftPLC is…
Ongoing Campaigns
Naikon APT is flying under the radar since 2015
Security Affairs May 07 2020 15:44
Chinese-speaking Naikon APT group leverages a new backdoor called Aria-body to target organizations in South Asia and Australia. The Naikon APT group is…
Snake Ransomware Crawling its Way into Enterprise Network
Cyware May 07 2020 19:24
Snake ransomware operators are back from a short hibernation and have launched a global cyberattack campaign, infecting organizations in its wake. Among these organizations, there is at least one healthcare organization. The healthcare organization…

