11 October 2020

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user.

Heat – Trending Malware and Threat Actors

Name | Heat 1 | Heat 7 | Vol 1 | Vol 7
Clop Ransomware | | | 7 | 21
Trickbot Malware | | | 11 | 40
Cult of the Dead Cow | | | 2 | 2
TA505 | | | 3 | 23
Cobalt Dickens | | | 2 | 6
MontysThree | | | 2 | 22
Waterbear Loader | | | 1 | 1
PhysXPluginMfx | | | 1 | 1
Jaff Ransomware | | | 1 | 1
Chimborazo Hacker Group | | | 1 | 2

Data Breaches

Dinosn – Marketing firm Friendemic exposed 2.7 million customer records https://t.co/57w2V8gVQo
Dinosn – Twitter – Oct 10 2020 12:57
Marketing firm Friendemic exposed 2.7 million customer records https://www.hackread.com/marketing-firm-friendemic-customer-records-exposed/

Marketing firm Friendemic exposed 2.7 million customer records
HackRead – Oct 10 2020 12:53
Exposed data belonged to Friendemic and included full names, email addresses, and contact numbers of its customers. The dangers of unprotected Amazon S3 buckets are well documented. Yet another firm made the mistake of improper cloud configuration and…

‘Bitexlive’ Exposed Sensitive User Information to Site Visitors
TechNadu – Oct 10 2020 09:03
Turkish crypto-exchange ‘Bitexlive’ has exposed highly sensitive user data to any visitor of the site. The information comes from support tickets, so it includes PII, KYC documents, and other details. The platform never responded to the reporters and…

cybersecboardrm – Marketing firm Friendemic exposed 2.7 million customer records #Cybersecurity #marketing #security https://t.co/x5Pijg9xcc
cybersecboardrm – Twitter – Oct 10 2020 13:06
Marketing firm Friendemic exposed 2.7 million customer records #Cybersecurity #marketing #security https://www.hackread.com/marketing-firm-friendemic-customer-records-exposed/

Hacker Groups

Chat Digest – 🇮🇷 Bax 026 Of Iran 🇮🇷 2020/10/10 13:41 – 13:41 UTC
“🇮🇷 Bax 026 Of Iran 🇮🇷” – Telegram – Oct 10 2020 13:41
[13:41] : 🇮🇱👎🏿

Chat Digest – 🇮🇷 Bax 026 Of Iran 🇮🇷 2020/10/10 13:41 – 20:42 UTC
“🇮🇷 Bax 026 Of Iran 🇮🇷” – Telegram – Oct 10 2020 13:41
[13:41] : 🇮🇱👎🏿 [20:42] :

peterkruse – Iranian APT group Silent Librarian (aka Cobalt Dickens or TA407) just launched a new spear phishing campaign target… https://t.co/iiTg5m0VEn
peterkruse – Twitter – Oct 11 2020 04:04
Iranian APT group Silent Librarian (aka Cobalt Dickens or TA407) just launched a new spear phishing campaign targeting University of Oxford: https://webauth.ox.ac[.]uk. @NCSC https://twitter.com/peterkruse/status/1315141313600393222/photo/1

Chainlink offers a $ 100k grant to developers
Archynewsy – Oct 10 2020 05:02
Oracle’s Decentralized Network Chainlink Grant Program is generating blockchain integration grants worth more than $ 100,000 available to developers fully integrating the smart contract platform into new blockchains. So far, Chainlink has accepted…

Malware

MontysThree APT: Showing its Teeth with New Malware Toolkit
Cyware – Oct 10 2020 18:36
MontysThree, a newly discovered threat group, is known to be carrying out espionage campaigns since 2018. Recently, the group has been found using new tools and legitimate public cloud services for targeted industrial espionage attacks, which is rare…

InfoSecHotSpot – Report: U.S. Cyber Command Behind Trickbot Tricks A week ago, KrebsOnSecurity broke the news that someone was attem… https://t.co/Jjjkw0uc93
InfoSecHotSpot – Twitter – Oct 10 2020 08:28
Report: U.S. Cyber Command Behind Trickbot Tricks A week ago, KrebsOnSecurity broke the news that someone was attempting to disrupt the Trickbot botnet, a malware crime machine that has infected millions of computers and is often used to spread…

ZDNet – How Windows malware developers are selling their exploits to ransomware gangs and spies https://t.co/84gK3fgbmE
ZDNet – Twitter – Oct 10 2020 09:15
How Windows malware developers are selling their exploits to ransomware gangs and spies…

ZDNet – How Windows malware developers are selling their exploits to ransomware gangs and spies https://t.co/g4s6DvXW2v
ZDNet – Twitter – Oct 10 2020 15:45
How Windows malware developers are selling their exploits to ransomware gangs and spies…

Vulnerabilities

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns
Security Affairs – Oct 10 2020 17:42
Microsoft has uncovered Zerologon attacks that were allegedly conducted by the infamous TA505 Russia-linked cybercrime group. Microsoft spotted a series of Zerologon attacks allegedly launched by the Russian cybercrime group tracked as …

cybersecboardrm – Critical Zerologon Flaw Exploited in TA505 Attacks #Cybersecurity #security https://t.co/hWlpPsv5cJ
cybersecboardrm – Twitter – Oct 10 2020 13:11
Critical Zerologon Flaw Exploited in TA505 Attacks #Cybersecurity #security https://www.darkreading.com/threat-intelligence/critical-zerologon-flaw-exploited-in-ta505-attacks/d/d-id/1339141

US Warns: Hackers Chaining Zerologon, Other Vulnerabilities
BankInfoSecurity – Oct 10 2020 15:41
CISA Says APTs Gained Access to State and Local…

Secnewsbytes – Microsoft Azure Flaws Open Admin Servers to Takeover https://t.co/jn1sLS9MC6 #cybersecurity
Secnewsbytes – Twitter – Oct 10 2020 13:30
Microsoft Azure Flaws Open Admin Servers to Takeover https://threatpost.com/microsoft-azure-flaws-servers-takeover/159965/ #cybersecurity

Ongoing Campaigns

Server-Side Request Forgery — SSRF: Exploitation Technique
InfoSec Bug Bounty Write-ups – RSS – Oct 10 2020 18:00
Server-Side Request Forgery — SSRF: Exploitation Technique Server-side request forgery, or SSRF, is a vulnerability that allows an attacker to use a vulnerable server to make HTTP requests on the attacker’s behalf. This is similar to CSRF as both…

InfoSecHotSpot – Russian-speaking hackers use ‘MontysThree’ toolset on industrial targets The attacks have been ongoing since 2018… https://t.co/HW8Pq2J00X
InfoSecHotSpot – Twitter – Oct 10 2020 12:28
Russian-speaking hackers use 'MontysThree' toolset on industrial targets The attacks have been ongoing since 2018 https://bit.ly/3dnifuI https://twitter.com/InfoSecHotSpot/status/1314905583670169601/photo/1

Cyber_War_News – RT @peterkruse: Iranian APT group Silent Librarian (aka Cobalt Dickens or TA407) just launched a new spear phishing campaign targeting Univ…
Cyber_War_News – Twitter – Oct 11 2020 05:01
RT @peterkruse: Iranian APT group Silent Librarian (aka Cobalt Dickens or TA407) just launched a new spear phishing campaign targeting University of Oxford: https://webauth.ox.ac[.]uk. @NCSC…

Waterbear Modular Malware Campaign Lashes out at Taiwanese Government
Cyware – Oct 10 2020 18:36
A number of Taiwanese government entities have been recently targeted by a fresh Waterbear campaign in sophisticated cyberattacks. Associated with the BlackTech threat group, the malware has been observed utilizing leftovers from previous attacks on…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
