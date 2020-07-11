Silobreaker


Cyber Alert – 11 July 2020

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact productinfo[at]silobreaker[dot]com for more information.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
Conti Ransomware 14 45
Evilnum 11 53
Evilnum Group 7 31
Avaddon Ransomware 5 7
Ryuk Ransomware 6 16
Async RAT 3 3
The Joker Malware 3 11
Fxmsp 6 37
Phorpiex Malware 2 2
URSNIF 3 9
Data Breaches
Jan0fficial – RT @NatSecGeek: #BlueLeaks is literally what exposed this
Jan0fficial – Twitter, Jul 10 2020 14:29
RT @NatSecGeek: #BlueLeaks is literally what exposed this
Hacker Left Ransom Notes on 22,900 Exposed MongoDB Databases
Cyware, Jul 10 2020 18:55
NoSQL databases like MongoDB, that are widely used in online applications, are subject to several risks and can lead to a data breach if not configured properly. In June, the ZDNet security team found a hacker using an automated script to scan for…
gh0std4ncer – RT @ebellis: FinFisher exposed: A researcher’s tale of defeating traps, tricks, and complex virtual machines https://t.co/jGfjYjDZlM
gh0std4ncer – Twitter, Jul 10 2020 18:22
RT @ebellis: FinFisher exposed: A researcher’s tale of defeating traps, tricks, and complex virtual machines…
sans_isc – @sstudnet875 Not these vulnerabilities. The XSS->Code Exec exploit works even if they are not exposed (but this is harder to exploit)
sans_isc – Twitter, Jul 10 2020 14:08
@sstudnet875 Not these vulnerabilities. The XSS->Code Exec exploit works even if they are not exposed (but this is harder to exploit)
Hacker Groups
Evilnum Group Targets Fintech Companies in Europe
TSecurity.de, Jul 10 2020 13:23
… http://feedproxy.google.com/~r/Securityweek/~3/0SmACUjgbn8/evilnum-group-targets-fintech-companies-europe
Evilnum, FIN6, and Cobalt Group share the same malware provider
CERT-EU – Latest Articles Ongoing Threats – RSS, Jul 10 2020 10:33
Security researchers at ESET have published a report detailing activities of the Evilnum APT, a group behind the eponymous malware, which has been targeting fintech companies since at least 2018. Over the years, the group’s toolset and infrastructure…
New Fraud Ring “Bargain Bear” Brings Sophistication to Online Crime
CERT-EU – Latest Articles Ongoing Threats – RSS, Jul 10 2020 09:24
The ring tests the validity of stolen credentials to be used in fraud through an online marketplace. A new report out today says that online fraud is soaring in 2020. As an example, the report introduces the activity of a fraud ring in Russia that…
SecurityWeek – Evilnum Group Targets Fintech Companies in Europe https://t.co/D99yMHLNRS
SecurityWeek – Twitter, Jul 10 2020 12:43
Evilnum Group Targets Fintech Companies in Europe https://www.securityweek.com/evilnum-group-targets-fintech-companies-europe
Malware
Threat spotlight: WastedLocker, customized ransomware
Malwarebytes Unpacked, Jul 10 2020 18:10
WastedLocker is a new ransomware operated by a malware exploitation gang commonly known as the Evil Corp gang. The same gang that is associated with Dridex and BitPaymer. The attribution is not based on the malware variants as WastedLocker…
InfoSecHotSpot – Conti Ransomware Possesses Similar Characteristics as Ryuk First spotted towards the end of December 2019, the Cont… https://t.co/dNiDHx502V
InfoSecHotSpot – Twitter, Jul 10 2020 10:59
Conti Ransomware Possesses Similar Characteristics as Ryuk First spotted towards the end of December 2019, the Conti ransomware has since increased its number of attacks. It appears that this new ransomware shares certain code as Ryuk. The latter has…
Expert Insight on Conti Ransomware Shows Signs of Being a Ryuk Successor
Information Security Buzz, Jul 10 2020 09:53
The Conti Ransomware is an upcoming threat targeting corporate networks with new features that allow it to perform quicker and more targeted attacks. There are also indications that this ransomware shares the same malware code as Ryuk, who…
TrickBot Uses Screen Resolution as Anti-VM Checks to Evade Analysis
Cyware, Jul 10 2020 18:55
Originally started as a banking trojan, the infamous TrickBot malware has now evolved to perform a variety of malicious behavior. In several capabilities, Trickbot follows the evolution of modern threats via its modular and expandable tactics…
Vulnerabilities
Security Bulletin: Addressing the Sqlite Vulnerability CVE-2020-11656, CVE-2020-11655
CERT-EU Vulnerabilities Applications, Jul 11 2020 01:31
Share this post: IBM Tivoli Composite Application Manager (ITCAM) for Transactions – Transaction Tracking has addressed the following SQLite vulnerability: Affected product(s) and affected version(s): IBM Product Security Vulnerabilities. See…
threatpost – A review of 127 popular home #routers found that most contained at least one critical #security flaw.
https://t.co/JGMjtZgwgy
threatpost – Twitter, Jul 10 2020 13:46
A review of 127 popular home #routers found that most contained at least one critical #security flaw.
https://threatpost.com/report-most-popular-home-routers-have-critical-flaws/157346/
Report: Most Popular Home Routers Have ‘Critical’ Flaws
Threatpost.com, Jul 10 2020 13:25
Common devices from Netgear, Linksys, D-Link and others contain serious security vulnerabilities that even updates don’t fix.
Ongoing Campaigns
POS Malware Leverages DNS for Secret Communications
Cyware, Jul 10 2020 18:55
Sophisticated threat actors often tend to hide their malicious communications via innovative techniques, in order to dodge the detection by security solutions. One such attempt was recently made by a Point of Sale (PoS)-targeting malware, that…
Maze Ransomware Claims Attack on Xerox Corporation
Cyware, Jul 10 2020 18:55
Maze ransomware operators are busy updating their list of victims, by targeting a large number of organizations almost every day. Recently, they claimed to have added the Xerox Corporation to their victim list. Xerox inked with data leak incident Xerox…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
