Cyber Alert – 12 July 2020
|Heat – Trending Malware and Threat Actors
|Name|Heat 1|Heat 7|Vol 1|Vol 7|
|Trickbot Malware| | |17|60|
|Cult of the Dead Cow| | |2|2|
|Guccifer2| | |2|3|
|UNKN| | |1|1|
|BazarBackdoor| | |1|1|
|M00nD3v Logger| | |1|1|
|Zebrocy Malware| | |1|1|
|APT28| | |1|2|
|GandCrab Ransomware| | |1|3|
|Evilnum Group| | |2|36|
|Data Breaches
|Dunzo Delivery Service – Email Addresses and Phone Numbers exposed
|MalwareTips.com – Jul 11 2020 14:37
|Google-backed delivery services start-up Dunzo has disclosed that one of its customer databases suffered a data breach. The data breach exposed phone…
|Hacker Groups
|Russian Cyber Gang ‘Cosmic Lynx’ Focuses on Email Fraud – Dark Reading
|CERT-EU – Latest Articles Ongoing Threats – RSS – Jul 11 2020 21:05
|Cosmic Lynx takes a sophisticated approach to business email compromise and represents a shift in tactics for Russian cybercriminals. Russian cybercriminals behind a newly discovered business email compromise (BEC) campaign put a sophisticated spin on…
|Operation ‘Honey Trap’: APT36 Targets Defense Organizations in India
|Reddit – BlueTeamSec – RSS – Jul 11 2020 17:38
|Malware
|How REvil Used the Underground Ecosystem to Form an Extortion Cartel
|DataBreaches.net – Jul 11 2020 11:38
|A new paper on Sodinokibi (REvil) ransomware operators by Advanced Intelligence begins: Just about one year ago, the makers of the infamous GandCrab ransomware announced their retirement, having reportedly earned an astonishing $2 billion since their…
|TrickBot malware mistakenly warns victims that they are infected
|BleepingComputer.com – Jul 11 2020 18:12
|The notorious TrickBot malware mistakenly left a test module that is warning victims that they are infected and should contact their administrator. […]
|Vulnerabilities
|RIFT: Citrix ADC Vulnerabilities CVE-2020-8193, CVE-2020-8195 and CVE-2020-8196 Intelligence
|Reddit – Netsec – Jul 11 2020 11:43
|Kasa camera flaw allows enumerating usernames for credential stuffing
|HackRead – Jul 11 2020 16:56
|By Sudais Asif. The hacker who happens to be a hobbyist farmer and Kasa camera…
|New Mirai Variant Expands Arsenal, Exploits CVE-2020-10173
|CERT-EU VulnerabilitiesApplications – Jul 11 2020 06:37
|The vulnerabilities. The vulnerabilities used by this Mirai variant consist of a combination of old and new that help cast a wide net encompassing different types of connected devices. The nine vulnerabilities used in this campaign affect specific…
|Ongoing Campaigns
|Hackers Are Selling 62,000 Active eToro Accounts on a Dark Web Forum
|TechNadu – Jul 11 2020 10:18
|An actor known as “Sheriff” is selling tens of thousands of eToro user accounts on a dark web forum. The sale is an auction, and the threat actor promises fully working credentials. “Sheriff” has been collaborating with “REvil” in the last couple of…
