Silobreaker

Threat Reports

Cyber Alert – 10 July 2020

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
Evilnum 39 39
Conti Ransomware 27 31
The Joker Malware 8 8
FIN6 6 6
Cosmic Lynx 7 40
EMOTET Trojan 6 15
Ryuk Ransomware 7 10
Fxmsp 6 32
ADHUBLLKA 2 2
Formbook Malware 2 2
Data Breaches
InfoSecHotSpot – Data Leak on Online Gambling App puts Millions of Users at Risk of Cyber Attacks A massive data leak discovered on… https://t.co/NqoPeer4wZ
Data Leak on Online Gambling App puts Millions of Users at Risk of Cyber Attacks A massive data leak discovered on the technical database of popular casino gambling app Cubillion exposed daily activities and personal identifiable information of…
If you haven't potentially exposed 1000s of customers once again with networking vulns, step forward… Not so fast, Palo Alto Networks
The Register – Security Jul 09 2020 10:12
Getting to be a real PAN in the OS Palo Alto Networks has emitted its second software update in as many weeks to address a potentially serious security vulnerability in its products.…
Hacker Groups
“Keeper” Magecart group infected over 570 online shops since 2017
CERT-EU – Latest Articles Ongoing Threats – RSS Jul 09 2020 09:31
A group of hackers known as “Keeper” has been engaging in Magecart-style attacks aimed at stealing credit card data of online shoppers. Over the last three years the group targeted more than 570 e-commerce websites, generating an estimated $7 million…
S21sec – 🔵 MAGECART – Magecart campaign against websites: the security firm Gemini Advisory alerts for the movements of Mage… https://t.co/ce8JEMfkfV
S21sec – Twitter Jul 09 2020 09:54
🔵 MAGECART – Magecart campaign against websites: the security firm Gemini Advisory alerts for the movements of Magecart during the last three years, which would have infected more than 570 websites, in more than 50 countries, affecting domains…
Cosmic Lynx Goes After the Big Fish in Over 200 BEC Campaigns
CERT-EU – Latest Articles Ongoing Threats – RSS Jul 09 2020 14:30
Cosmic Lynx targets senior executives at large organizations and corporations in 46 countries. It specializes in scams related to mergers and acquisitions, requesting hundreds of thousands or even millions of dollars as part of its scams. The…
Indian Defense Organizations Under Attack By APT36
IBM X-Force Exchange – Advisory Tag – RSS Jul 09 2020 17:52
Summary: Seqrite has observed an increase in activity from APT36, a Pakistan-linked cyber threat actor. Governmental defense organizations, in India, and their personnel are the victims of this attack. Threat Type: Malware, Campaign, RAT. Overview: Indian…
Malware
Up Close with Evilnum, the APT Group Behind the Malware
Dark Reading: Jul 09 2020 21:35
The group behind Evilnum malware, which continues to target financial institutions, appears to be testing new techniques.
2020-07-09 – Pcap and malware for ISC diary (Formbook)
Malware-Traffic-Analysis.net – Blog Entries Jul 09 2020 21:29
Vulnerabilities
New Mirai Variant Targets CVE-2020-10173 and Other New Flaws
TechNadu Jul 09 2020 08:18
A new version of Mirai adds nine new exploits, including one for the Comtrend VR-3033. The “CVE-2020-10173” has crucial implications, as it leads to full remote network takeover. The malware is also targeting a set of weak default credentials through…
Ongoing Campaigns
Conti ransomware shows signs of being Ryuk’s successor
BleepingComputer.com Jul 09 2020 18:56
The Conti Ransomware is an upcoming threat targeting corporate networks with new features that allow it to perform quicker and more targeted attacks. There are also indications that this ransomware shares the same malware code as Ryuk, who has slowly…
Russian Group Cosmic Lynx Launches Over 200 BEC Campaigns 7/9/20 12:00 AM
Trend Micro Jul 09 2020 10:54
A Russian group dubbed as Cosmic Lynx initiated more than 200 Business Email Compromise (BEC) campaigns targeting hundreds of multinational companies, as uncovered by security firm Agari. Cosmic Lynx was revealed to have been launching campaigns…
APT Group Targets Fintech Companies
BankInfoSecurity Jul 09 2020 18:15
Report: Little-Known Evilnum Group Relies on Spear-Phishing…
New phishing attack targets Zoom users to steal Office 365 credentials
CERT-EU Vulnerabilities Applications Jul 09 2020 18:30
A new phishing attack is targeting Microsoft 365 (formerly Office 365) users in the form of an email notification for a Zoom account suspension. The email aims to steal users’ Microsoft 365 credentials. The attack was spotted and documented The…

