Cyber Alert – 09 May 2020
Silobreaker’s Daily Cyber Alert is created and distributed automatically by using our award-winning intelligence product Silobreaker Online.
|Heat – Trending Malware and Threat Actors
|Name |Heat 1 |Heat 7 |Vol 1 |Vol 7
|Shiny Hunters |6 |9
|APT30 |4 |12
|Stuxnet |3 |6
|SNAKE Ransomware |2 |10
|Sodinokibi Ransomware |4 |19
|GnosticPlayers |1 |1
|Formbook Malware |1 |1
|GoGoogle Ransomware |1 |2
|PlugX Trojan |1 |1
|SilverTerrier |1 |4
|Data Breaches
|DigitalOcean Data Leak Incident Exposed Some of Its Customers Data
|THN : The Hacker News – May 08 2020 21:33
|DigitalOcean, one of the biggest modern web hosting platforms, was recently hit with a concerning data leak incident that exposed some of its customers' data to unknown and unauthorized third parties. Though the hosting company has not yet publicly…
|US Marshals Service exposed prisoner details in security breach
|ZDNet Security – May 09 2020 00:20
|Security breach took place in December 2019 and was discovered by the DOJ's JSOC team.
|“MobiFriends” Suffered a Data Breach but Told Exposed Users Nothing
|TechNadu – May 08 2020 14:56
|A new dump has appeared on the dark web, and it contains the data of millions of “MobiFriends” users. The data breach occurred over a year ago, but the platform didn’t disclose this matter to the public. The hackers might have accessed an unprotected…
|Certified Divers Had Their PII Exposed Due to PADI Blunder
|TechNadu – May 08 2020 14:56
|The Professional Association of Diving Instructors has exposed the PII of 2.3 million of its members. The incident occurred due to a misconfiguration on an Elasticsearch server happening on April 23, 2020. The data that was compromised includes full…
|Hacker Groups
|Shiny Hunters hackers try to sell a host of user records from breaches
|BleepingComputer.com – May 08 2020 07:28
|Three more high-profile databases are being offered for sale on a hacker forum by the same group claiming the Tokopedia and Unacademy breaches, and the more recently reported theft of Microsoft's private GitHub repositories. […]
|Naikon APT Targeting Seven APAC Governments via a New Backdoor
|TechNadu – May 08 2020 09:18
|The Naikon APT has reappeared online, and they have refreshed their attack arsenal. The group is using a new backdoor named “Aria-body,” which features similarities with their 2015 malware. Mainly governments in the Asia Pacific region, ministries,…
|Naikon’s Aria
|Kaspersky Lab – May 08 2020 15:00
|Our colleagues at Checkpoint put together a fine research writeup on some Naikon resources and activity…
|Naikon APT Hid Five Year Espionage Attack Under Radar
|News ≈ Packet Storm – May 08 2020 14:22
|Malware
|Bitdefender Decryptor for GoGoogle (aka BossiTossi) Ransomware
|MalwareTips.com – May 08 2020 08:33
|This decryptor currently solves infections for .google files encrypted with the XOR method. An updated decryptor to become available in the future will handle the RSA 1024 scenario as well. Full instructions here:…
|REvil ransomware threatens to leak A-list celebrities’ legal docs
|BleepingComputer.com – May 08 2020 15:33
|The Sodinokibi ransomware group threatens to release hundreds of gigabytes of legal documents from a prominent entertainment and law firm that counts dozens of international stars as their clients. […]
|Hackers hit Europe’s largest healthcare provider with Snake ransomware
|HackRead – May 08 2020 13:16
|By Deeba Ahmed. Snake ransomware, aka Ekans, was discovered in 2019…
|Threat Brief: Maze Ransomware Group
|Unit 42 – Palo Alto Networks Blog – May 08 2020 13:00
|We've detected an uptick in Maze ransomware samples across multiple industries and created a general threat assessment post on the group behind it.
|Vulnerabilities
|CVE-2020-12720: vBulletin Urges Users to Patch Undisclosed Security Vulnerability
|Tenable Blog – May 08 2020 21:15
|vBulletin released patches for an undisclosed security vulnerability, encouraging users to apply the patch as soon as possible. Background: On May 7, vBulletin, a popular online forum software,…
|Flaws in 2 famous WordPress plugins put millions of sites at risk
|HackRead – May 08 2020 15:18
|By Sudais Asif. WordPress (WP) is one of the most popular content management systems (CMS) on the planet…
|PrivateVPN and Betternet Apps Vulnerability Let Attackers Send Malicious Updates
|HOTforSecurity – May 08 2020 13:41
|…
|Elementor Plugin Vulnerabilities Exploited to Hack WordPress Sites
|SecurityWeek RSS Feed – May 08 2020 11:49
|Threat actors are actively targeting a vulnerability in the Elementor Pro plugin for WordPress to compromise websites, WordPress security company Defiant warned this week. …
|Ongoing Campaigns
|Healthcare, Government Organizations Targeted in BEC Attacks With COVID-19 Lures
|Security Week – May 08 2020 15:06
|Nigerian cybercriminals specialized in business email compromise (BEC) attacks were observed leveraging COVID-19 lures in recent attacks on healthcare and government organizations, Palo Alto Networks reveals. Referred to as and active since at least…
|Trickbot Further Adapts Itself for COVID-19 Related Scams
|Cyware – May 08 2020 18:26
|Trickbot malware continues its malicious campaigns against various organizations across the globe. Recent attacks: Trickbot, which is considered as one of the most prolific malware involved in COVID-19 related cybercrimes, was actively targeting…
|H2 2019: Duration of phishing attacks grows, use of banking trojans wanes
|Help Net Security – News – May 08 2020 10:00
|The lifespan of phishing attacks in H2 2019 has grown considerably and resulted in the tremendous increase in the number of phishing websites blockages, says Group-IB’s Computer Emergency Response Team (CERT-GIB). Phishers have also revised their…
Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.