Cyber Alert – 11 April 2020
|Heat – Trending Malware and Threat Actors
|Name|Heat 1|Heat 7|Vol 1|Vol 7
|DoppelPaymer Ransomware|4|9
|CXK-NMSL Ransomware|2|2
|Anchor Malware|2|5
|Legion Loader|1|1
|BASHLITE Malware|1|1
|Pony Trojan|1|1
|Remcos RAT|1|2
|PassCV (APT)|1|3
|Maze Ransomware|4|16
|CrySiS Ransomware|1|1
|Data Breaches
|Expert Comment: RigUp Data Breach Exposed 70,000 Records
|Information Security Buzz – Apr 10 2020 19:10
|In response to a recent vpnMentor report that revealed RigUp experienced a data breach compromising more than 70,000 private files belonging to its US energy sector clients, a cybersecurity expert offers perspective.
|SFO Websites Hacked: Airport Discloses Data Breach
|Threatpost.com – Apr 10 2020 22:46
|San Francisco International Airport notified users of two low-traffic websites of a data breach that occurred in March.
|San Francisco Intl Airport discloses data breach after hack
|BleepingComputer.com – Apr 10 2020 16:14
|San Francisco International Airport (SFO) disclosed a data breach after two of its websites, SFOConnect.com and SFOConstruction.com, were hacked during March 2020. […]
|115 million Pakistani mobile users data found up for sale on dark web
|DataBreaches.net – Apr 10 2020 11:30
|From Rewterz: Rewterz, a pioneer of specialized cybersecurity services in Pakistan, has discovered a data dump of 115 million Pakistani mobile users data that have shown up for sale on the dark web today. The cyber criminal behind this data breach is…
|Hacker Groups
|Coronavirus-driven online shopping driving more payment card skimming
|SC Magazine US – Apr 10 2020 16:44
|Cybercriminals tend to follow the money so with retail shopping dramatically shifting to the web due to the COVID-19 shutdown of brick and mortar retailers, researchers are seeing an increased use in online payment card skimming malware. Malwarebytes…
|Citing BGP hijacks and hack attacks, feds want China Telecom out of the US
|ArsTechnica – Apr 10 2020 13:17
|Citing the misrouting of US Internet traffic, malicious hacking and control by the Chinese government, a group of US executive agencies are recommending the FCC revoke the license authorizing China Telecom to provide international…
|Malware
|Symantec Endpoint Protection 14 vs CXK-NMSL ransomware
|MalwareTips.com – Apr 10 2020 09:33
|Vulnerabilities
|CVE-2020-3952 flaw could allow attackers to hack VMware vCenter Server
|Security Affairs – Apr 10 2020 14:22
|VMware has addressed a critical information disclosure vulnerability related to the Directory Service that can be exploited to compromise vCenter Server. VMware has addressed a critical information disclosure flaw, tracked as CVE-2020-3952, that…
|What are vulnerability scanners and how do they work?
|CSO Magazine – Apr 10 2020 10:28
|Vulnerability scanner definition: Vulnerability scanners are automated tools that allow organizations to check if their networks, systems and applications have security weaknesses that could expose them to attacks. Vulnerability scanning is a common…
|SANS ISC – Johannes Ullrich’s ‘Citrix ADC Vulnerability: How/Why Does The Exploit Work’
|Security Bloggers Network – Apr 10 2020 18:00
|Thanks to SANS for publishing their SANS ISC superlative SANS ISC videos on…
|Botnet Targets Critical Vulnerability in Grandstream Appliance
|Security Week – Apr 10 2020 11:06
|The Hoaxcalls botnet is actively targeting a recently patched SQL injection vulnerability in Grandstream UCM6200 series devices, security researchers warn. Tracked as and rated critical severity (with a CVSS3.1 score of 9.8), the vulnerability exists…
|Ongoing Campaigns
|Cyber News Rundown: Malicious COVID-19 Websites Surge
|Webroot Threat Blog – Apr 10 2020 12:00
|Malicious COVID-19 Websites Surge: In recent months, more than 136 thousand new domains have been registered that reference the current COVID-19 outbreak, many of which have yet to be flagged. A large portion of these sites…
|Dutch police arrests suspect behind DDoS attacks on government sites
|BleepingComputer.com – Apr 10 2020 15:16
|A 19-year old man from Breda, Netherlands, was arrested today for allegedly carrying out distributed denial-of-service (DDoS) attacks that caused two Dutch government websites to shut down for several hours on March 19, 2020. […]
