Cyber Alert – 08 May 2020
Silobreaker’s Daily Cyber Alert is created and distributed automatically by using our award-winning intelligence product Silobreaker Online.
|Heat – Trending Malware and Threat Actors
|Name |Heat 1 |Heat 7 |Vol 1 |Vol 7
|APT30 |8 |8
|Lazarus Group |8 |12
|Dacls RAT |6 |10
|SNAKE Ransomware |5 |8
|Shiny Hunters |3 |3
|RoyalRoad |3 |3
|SilverTerrier |3 |3
|IcedID Trojan |3 |4
|Bloodhound Malware |3 |4
|Stuxnet |3 |3
|Data Breaches
|Issues in Elementor Pro and Ultimate Addons for Elementor exposed 1 Million WordPress sites at risk
|Security Affairs – May 07 2020 22:58
|Attackers exploited two security issues in the Elementor Pro and Ultimate Addons for Elementor WordPress plugins to fully compromise over 1M sites. Hackers are actively exploiting two security flaws in the Elementor Pro and Ultimate Addons for…
|Hackers claim to breach Microsoft’s GitHub account; steal 500GB of data
|HackRead – May 07 2020 19:52
|Breached Organization uses Network Insight to Pinpoint Source of Infection
|Security Bloggers Network – May 07 2020 16:52
|Hacker Groups
|Police nab InfinityBlack hackers
|Naked Security – Sophos – May 07 2020 08:46
|Five alleged members of hacking group InfinityBlack got some unexpected visitors last week when Polish law enforcement arrested them.
|APT Groups Target Healthcare and Essential Services
|Office of Inadequate Security – May 07 2020 12:40
|May 6, 2020 APT Groups Target Healthcare and Essential Services National Cyber Awareness System: AA20-126A: APT Groups…
|SilverTerrier: New COVID-19 Themed Business Email Compromise Schemes
|Unit 42 – Palo Alto Networks Blog – May 07 2020 10:00
|A series of COVID-19 themed malware campaigns from the SilverTerrier group was blocked by Unit 42. 170+ phishing emails produced, with some targeting government healthcare agencies.
|Chinese spies hop from one hacked government network to another in Asia Pacific, researchers say
|Cyberscoop – News – May 07 2020 18:54
|Nearly five years ago, researchers unmasked a Chinese hacking group, pinpointing the unit of the People’s Liberation Army that was allegedly sponsoring it. The so-called Naikon group was key to China’s spying efforts in the South China Sea,…
|Malware
|Starslord 2.0 malware: What it is, how it works and how to prevent it | Malware spotlight
|Security Bloggers Network – May 07 2020 13:00
|The sLoad malware was discovered for the first time in 2018. It delivers various Trojans to the infected computers, including but not limited to the banking Trojans Ramnit, Gootkit and…
|2020-05-07 – Some recent Qakbot stuff
|Malware-Traffic-Analysis.net – Blog Entries – May 07 2020 19:23
|Attackers Try to Deploy Remcos Malware with COVID-19-related Messages
|HOTforSecurity – May 07 2020 15:59
|…
|New Kaiji Botnet Malware Targets IoT, But ‘New’ Doesn’t Mean ‘Undetectable’
|Security Bloggers Network – May 07 2020 15:21
|…
|Vulnerabilities
|Cisco Patches Multiple Flaws in Adaptive Security Appliance and Firepower Threat Defense (CVE-2020-3187)
|Tenable Blog – May 08 2020 01:22
|Cisco releases a bundled publication to address 12 vulnerabilities across Adaptive Security Appliance (ASA), Firepower Threat Defense (FTD) and Firepower Management Center (FMC), including a critical path traversal…
|CVE-2020-0792: How a Deceptive Assert Caused a Critical Windows Kernel Vulnerability
|Reverse Engineering – May 07 2020 16:38
|submitted by /u/RedmondSecGnome [link]…
|Cisco Fixes High-Severity Flaws In Firepower Security Software, ASA
|Threatpost.com – May 07 2020 18:43
|Cisco has fixed 12 high-severity flaws in its Adaptive Security Appliance software and Firepower Threat Defense software.
|Critical Flaw in CODESYS Industrial Controller Software Allows Code Execution
|Security Week – May 07 2020 19:06
|Cisco’s Talos threat intelligence and research group revealed on Wednesday that one of its researchers discovered a critical remote code execution vulnerability in the CODESYS Control SoftPLC industrial controller software. CODESYS Control SoftPLC is…
|Ongoing Campaigns
|Naikon APT is flying under the radar since 2015
|Security Affairs – May 07 2020 15:44
|Chinese-speaking Naikon APT group leverages a new backdoor called Aria-body to target organizations in South Asia and Australia. The Naikon APT group is…
|Snake Ransomware Crawling its Way into Enterprise Network
|Cyware – May 07 2020 19:24
|Snake ransomware operators are back from a short hibernation and have launched a global cyberattack campaign, infecting organizations in its wake. Among these organizations, there is at least one healthcare organization. The healthcare organization…
Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.