Cyber Alert – 12 September 2020
|Heat – Trending Malware and Threat Actors
|Name |Heat 1 |Heat 7 |Vol 1 |Vol 7
|PurpleWave |13 |13
|CDRThief |15 |45
|APT28 |21 |38
|AZORult Stealer |10 |20
|LokiBot Trojan |18 |22
|APT35 |8 |14
|APT31 |4 |4
|Conti Ransomware |6 |9
|Zirconium Group |3 |5
|Dridex Malware |4 |16
|Data Breaches
|United Airlines’ website bug exposed traveler ticket data
|Seclists.org – Data Loss – Sep 11 2020 14:33
|Posted by Destry Winant on Sep 11 https://techcrunch.com/2020/09/10/united-website-bug-tickets/ A bug in United Airlines’ website let anyone access the ticket information for travelers who requested a refund. The airline’s website lets users…
|Thousands Of Razer Customers Order And Shipping Details Exposed On The Web Without Password
|Information Security Buzz – Sep 11 2020 18:15
|Security researchers today revealed that Razer, Inc., a global gaming hardware manufacturing company, e-sports and financial services provider, left thousands of customers’ order and shipping details exposed on the web without password via a…
|Razer Gaming Fans Caught Up In Data Leak
|SecurityPhresh – Sep 11 2020 14:49
|Hacker Groups
|Strontium, Zirconium, Phosphorus – Advanced Persistent Threats
|Reddit – Sysadmin – Sep 11 2020 06:08
|https://blogs.microsoft.com/on-the-issues/2020/09/10/cyberattacks-us-elections-trump-biden/ — Strontium, operating from Russia, has attacked more than 200 organizations including political campaigns, advocacy groups,…
|Expert Reaction On Microsoft Blog On APT Groups: Comment On APT28 From Mandiant
|Information Security Buzz – Sep 11 2020 18:54
|Microsoft has shared its latest insights into election security intelligence. The advisory mentions three threat actors – including APT28, otherwise known as Fancy Bear. APT28 promotes the political interests of the Russian government, and is known…
|Anonymous Million Mask March ~ALL dates 2020/2021
|Cyberwarzone – Sep 12 2020 02:05
|Increase in DDoS attacks, worldwide marches of people wearing Guy Fawkes masks, what will the Anonymous Million Mask March of 2020 bring us? Year after year Anonymous has performed the Million Mask March, now this year, we could say that it is to be…
|Malware
|New CDRThief Malware Aims to Steal Your VoIP Call Detail Records
|Cyware – Sep 11 2020 19:24
|Bad actors have been increasingly targeting Linux-based systems that are used to host a wide range of business applications. Recently, another new malware has been identified targeting the critical Voice over IP (VoIP) call metadata stored on…
|Zeppelin Ransomware Floats Back Into View
|BankInfoSecurity – Sep 11 2020 13:15
|Updated Trojan Downloader Helps Avoid Detection. After a six-month hiatus, the Zeppelin ransomware variant returned in late August, according to Juniper Threat Labs. The malware now uses an updated Trojan downloader to better hide its activities from…
|New WordPress Malware Can Find and Disable Security Plugins
|TechNadu – Sep 11 2020 08:25
|A new WordPress malware written in PHP can find and disable security plugins on websites. The malware is very persistent and runs continuously to disable any reactivated plugins. Only server-level scanners and file integrity alarms can help against…
|Vulnerabilities
|Security Flaws & Fixes – W/E – 9/11/20
|Tech-Wreck InfoSec Blog – Sep 11 2020 12:28
|Adobe Addresses 18 Security Holes in September Update (09/08/2020) Adobe's monthly …
|Ongoing Campaigns
|Russian Military Hackers Targeted Credentials at Hundreds of Organizations in US, UK
|Security Week – Sep 11 2020 12:17
|For the past year, Russia-linked threat actor Strontium has targeted hundreds of organizations in the United States and the United Kingdom to harvest account credentials, Microsoft reveals. Also referred to as Fancy Bear, Pawn Storm, Sednit, and Tsar…
|12 checklist items for defeating Magecart attacks
|SC Magazine US – Sep 11 2020 12:44
|Magecart skimmers remained active on Claire’s website for 50 days before being discovered earlier this year. Today’s columnist, Pedro Fortuna of Jscrambler, offers security pros a checklist for selecting a product to combat Magecart attacks. (Photo…
|Russian state hackers are targeting Biden and Trump campaigns, MSFT warns
|ArsTechnica – Sep 11 2020 12:56
|Fancy Bear—the Russian state hacking group that brought you the smash-and-leak attacks on the Democratic National Committee and World Anti-Doping Agency, the NotPetya worm that inflicted billions of dollars of…
|Microsoft: Russia, China and Iran Attack US Presidential Campaigns
|Infosecurity – Latest News – Sep 11 2020 08:30
|State-sponsored hackers have been in action again, trying to probe the Trump and Biden campaigns for information ahead of the US Presidential election in November, according to…
