10 December 2020

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
Zebrocy Malware 9 9
APT28 15 38
QakBot 11 25
Gaza Cybergang 6 6
APT29 7 15
The Shadow Brokers 4 6
URSNIF 4 5
Phorpiex Malware 4 4
IcedID Trojan 4 6
SideWinder APT 3 5
Data Breaches
TN: Personal information of some University of Memphis employees exposed in security breach
DataBreaches.net – Dec 09 2020 11:59
John Klyce reports: A security breach at the University of Memphis has caused private information of certain faculty and staff members to be compromised. In an email obtained by MBJ — dated Dec. 4 and sent to faculty and staff members — U of M…

Lawyer up: Following a breach, companies often call outside counsel first
SC Magazine US – Dec 09 2020 22:44
Outside counsel is increasingly the first call for businesses after a breach, even before the incident response teams. According to CrowdStrike’s Global Incident Response report released this week, outside counsel (rather than an organization itself)…

Mum’s the word? What are these school districts doing after a recent breach?
Office of Inadequate Security – Dec 09 2020 12:00
On November 15, ABC in Chicago reported that suburban school district Township High School District 211 experienced a…

Security Advisory Regarding the Recent FireEye Breach Reports
Security Bloggers Network – Dec 09 2020 16:17
Recently, the information security vendor FireEye has made it in the news as the latest victim to suffer a breach. FireEye is stating that their suite of Red Team Tools were among the assets and data that the threat actors retrieved. What is a…

Hacker Groups
Another Molerats Campaign Targeting the Middle East
IBM X-Force Exchange – Advisory Tag – RSS – Dec 09 2020 17:24
Summary: Cybereason's Nocturnus Team has published a report that looks at a recent campaign targeting the Middle East that has been attributed to the threat group known as Molerats. Threat Type: Malware, Phishing, Campaign, APT. Overview: The threat group…

threatpost – Twitter – Dec 10 2020 02:00
The SideWinder APT group has mounted a fresh #phishing and #malware initiative. https://threatpost.com/sidewinder-apt-nepal-afghanistan-spy-campaign/162086/

Dark Caracal: Undisclosed Targeted Attack IoCs Can Pose Risks
CircleID – Dec 09 2020 15:51
Targeted attacks are known as some of the most destructive cyber attacks in that they zoom in on organizations that either provide critical services or have massive user bases. A report revealed that at the end of 2019, 67% of the cyber attacks…

Russian APT28 Hackers Using COVID-19 as Bait to Deliver Zebrocy Malware
THN : The Hacker News – Dec 09 2020 15:11
A Russian threat actor known for its malware campaigns has reappeared in the threat landscape with yet another attack leveraging COVID-19 as phishing lures, once again indicating how adversaries are adept at repurposing the current world events to…

Malware
Qbot malware switched to stealthy new Windows autostart method
BleepingComputer.com – Dec 09 2020 21:00
A new Qbot malware version now activates its persistence mechanism right before infected Windows devices shutdown and it automatically removes any traces when the system restarts or wakes up from sleep. […]

Palo Alto creates visualization tool to guide response to Egregor ransomware attacks
SC Magazine US – Dec 10 2020 04:44
The FBI’s Cyber Division leads the nation’s efforts to investigate and prosecute internet crimes. Since it was first discovered in September 2020, Egregor has hit multiple industries globally, including those within the U.S., Europe, Asia Pacific and…

cybersecboardrm – Twitter – Dec 09 2020 22:00
Qbot malware switched to stealthy new Windows autostart method https://www.bleepingcomputer.com/news/security/qbot-malware-switched-to-stealthy-new-windows-autostart-method/

virusbtn – Twitter – Dec 10 2020 01:23
On the SANS ISC blog, @malware_traffic looks at recent activity by the Qakbot/Qbot malware https://isc.sans.edu/diary/rss/26862 https://twitter.com/virusbtn/status/1336843836555997186/photo/1

Vulnerabilities
Amnesia:33 — Critical TCP/IP Flaws Affect Millions of IoT Devices
THN : The Hacker News – Dec 09 2020 09:50
Cybersecurity researchers disclosed a dozen new flaws in multiple widely-used embedded TCP/IP stacks impacting millions of devices ranging from networking equipment and medical devices to industrial control systems that could be exploited by an…

Dinosn – Twitter – Dec 09 2020 11:44
Amnesia:33 — Critical TCP/IP Flaws Affect Millions of IoT Devices http://feedproxy.google.com/~r/TheHackersNews/~3/mWCnKpBPpuQ/amnesia33-critical-tcpip-flaws-affect.html

security_wang – Twitter – Dec 09 2020 12:43
Amnesia:33 — Critical TCP/IP Flaws Affect Millions of IoT Devices http://dlvr.it/RnHs0x

ZDNet – Twitter – Dec 09 2020 10:00
Amnesia:33 vulnerabilities impact millions of smart and industrial devices https://t.co/sSU1ooXhYD

Ongoing Campaigns
VideoBytes: Ryuk Ransomware Targeting US Hospitals
Malwarebytes Unpacked – Dec 09 2020 16:03
Hello Folks! In this Videobyte, we’re talking about why hospitals are being targeted by the Ryuk ransomware, what tricks they are using to pull this off and what their motivations might be. Ryuk ransomware is being spread to hospitals using…

Researchers Uncover New Cyber-Espionage Campaign Targeting Middle Eastern Politicians
Infosecurity – Latest News – Dec 09 2020 15:01
A new cyber-espionage campaign using popular social media and cloud platforms to target high ranking political figures has been revealed following an…

Crooks hide software skimmer inside CSS files
Security Affairs – Dec 09 2020 16:02
Security researchers have uncovered a new technique to inject a software skimmer onto websites, the malware hides in CSS files. Security researchers have uncovered a new technique used by threat actors to inject a software skimmer onto websites,…

Individual Pleads Guilty to Participating in Internet-of-Things Cyberattack in 2016
DataBreaches.net – Dec 10 2020 00:13
There’s an update to a case previously reported on this site in 2016. From the U.S. Department of Justice: An individual, formerly a juvenile, pleaded guilty to committing acts of federal juvenile delinquency in relation to a cyberattack that…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
