Cyber Alert – 09 June 2020
|Heat – Trending Malware and Threat Actors
|Name | Heat 1 | Heat 7 | Vol 1 | Vol 7
|GuLoader | 13 | 14
|KingSkrupellos | 14 | 23
|ZORAB Ransomware | 7 | 7
|Higaisa | 7 | 15
|Stop Ransomware | 7 | 13
|IcedID Trojan | 5 | 7
|ech0raix Ransomware | 5 | 19
|SNAKE Ransomware | 4 | 5
|Maistealer | 3 | 3
|MassLogger | 3 | 3
|Data Breaches
|Naked Trump Photo: Has Anonymous Finally Exposed Donald’s Dirty Laundry?
|Forbes – Cybersecurity RSS – Jun 08 2020 11:57
|Another week, another supposed Anonymous leak dishing dirt on President Trump. But is the naked Donald Trump photo published online all that it seems?
|A breach at Charter Professional Accountants of Canada (CPA Canada) by an unauthorized 3rd party exposed the personal information of 329,000 individuals. #CPACanada #databreach Commentary from @lucysecurity @Comparitech.
http://ow.ly/nZBs50A21Tk
|A breach at Charter Professional Accountants of Canada (CPA Canada) by an unauthorized 3rd party exposed the personal information of 329,000 individuals. #CPACanada #databreach Commentary from @lucysecurity @Comparitech.
http://ow.ly/PKhY50A22l0
|RT @WAKABIyashi: 100,000 personal information of users exposed. Again, a downside of a centralized data storage system.
#dataprivacy #cybersecurity #holochain #nextnet
https://www.hackread.com/?p=78246 via @hackread
|Hacker Groups
|Explained: Everything you need to know about hacktivist group Anonymous
|CERT-EU – Latest Articles Ongoing Threats – RSS – Jun 08 2020 13:41
|The worldwide group is believed to include anyone who wants to join; its members being referred to as ‘anons’. (Source: Wikimedia common) As racial tensions in the US continue to make headlines, the ‘hacktivist’ group Anonymous is back in focus with…
|FIN7 hacking group member arrested by the U.S.
|Digital Journal – Jun 08 2020 22:24
|U.S. officials have arrested an alleged member of the FIN7 hacking group (also known as the Carbanak Group) who have been involved in several high-profile cybersecurity incidences. The person who was apprehended was a Ukrainian national. Denys Iarmak…
|Anonymous Greece hack websites of Turkey’s Foreign, Defense Ministries
|Keep Talking Greece – RSS – Jun 08 2020 11:25
|Anonymous Greece hacked two websites of Turkey’s crucial ministries: the Ministry of Foreign Affairs and the Ministry of Defense on Sunday. They first hacked the website of Foreign Ministry and a few hours after the one of the Defense…
|Higaisa threat actors targets organizations using Zeplin platform
|TSecurity.de – Jun 08 2020 21:17
|A Korean threat actor, tracked as Higaisa, has been using malicious LNK files in recent attacks aimed at organizations that use the Zeplin collaboration platform. The Korean threat actor Higaisa, has been using malicious LNK files in recent attacks…
|Malware
|2020-06-08 – Quick post: IcedID (Bokbot)
|Malware-Traffic-Analysis.net – Blog Entries – Jun 09 2020 00:50
|A newly discovered form of Java-based ransomware is targeting companies in the education and software sectors. 'Tycoon' is compiled into a Java image file, a new tactic that researchers say makes it harder to detect: http://ow.ly/vgCI50A23N4
|BleepingComputer – After a sample of the SNAKE/EKANS ransomware was discovered by @milkr3am today, we get a much clearer picture that… https://t.co/fXUv5Ayw8V
|BleepingComputer – Twitter – Jun 09 2020 00:59
|After a sample of the SNAKE/EKANS ransomware was discovered by @milkr3am today, we get a much clearer picture that the Honda outages are likely being caused by a SNAKE ransomware attack.
https://twitter.com/milkr3am/status/1269932348860030979?s=20
|Zorab Ransomware Disguised as STOP Djvu Ransomware Decryptor
|Security Bloggers Network – Jun 08 2020 11:25
|A security researcher discovered a new ransomware strain called “Zorab” masquerading as a decryptor for STOP Djvu ransomware. Michael Gillespie, creator of the Ransomware ID service, spotted Zorab being distributed as a decryptor for…
|Vulnerabilities
|PoC RCE exploit for SMBGhost Windows flaw released
|Help Net Security – News – Jun 08 2020 10:05
|A security researcher has published a PoC RCE exploit for SMBGhost (CVE-2020-0796), a wormable flaw that affects SMBv3 on Windows 10 and some Windows Server versions. The PoC exploit is unreliable, but could be used by malicious attackers as a…
|via helpnetsecurity PoC RCE exploit for SMBGhost Windows flaw released https://bit.ly/2XKyuMe
|Proof-of-Concept Exploit Code for New Wormable Windows Flaw SMBGhost Published on Github @dangood001…
|Cisco Security Advisories – 47 flaws, 3 critical!
|CERT-EU VulnerabilitiesApplications – Jun 08 2020 15:48
|Cisco Systems recently issued a series of security advisories addressing 47 vulnerabilities, including 3 critical ones discovered & fixed in IOS or IOS EX software. Among the most serious were a privilege escalation vulnerability in the authorisation…
|Ongoing Campaigns
|Three Warning Signs of a Business Email Compromise (BEC) Attack
|ProofPoint – Jun 08 2020 15:10
|Business Email Compromise (BEC) has become a major concern for organizations of all sizes, in all industries, all around the world. In 2019, the FBI’s Internet Crime Complaint Center (IC3) recorded 23,775 complaints about BEC, which resulted in…
|Not the Resume You are Looking For
|Cyware – Jun 08 2020 07:24
|Malware attack activity has witnessed an upsurge during the ongoing pandemic. Recently, a new campaign has been found to raise the bar a tad bit higher with resume-based subterfuge. What is happening? As per research conducted by Check Point Software,…
|Tycoon malware rages through US schools, LG’s boot problem, and QNAP admins had better get busy
|The Register – Jun 08 2020 07:57
|Also: Cisco and Apple push out patches. It is time once again for El Reg's weekly security roundup. Here's a look at a few of the more interesting stories making the rounds over the past seven days. Wishbone hit with class-action suit: A few weeks back,…
