This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact productinfo[at]silobreaker[dot]com for more information.

Heat – Trending Malware and Threat Actors
Name | Heat 1 | Heat 7 | Vol 1 | Vol 7
DanaBot | | | 4 | 4
GnosticPlayers | | | 1 | 1
TheDarkOverlord | | | 1 | 1
Lampion | | | 1 | 6
Evilnum | | | 3 | 57
APT28 | | | 1 | 3
Tsunami Backdoor | | | 1 | 1
Cosmic Lynx | | | 2 | 45
Cerberus Malware | | | 1 | 33
Evilnum Group | | | 1 | 37

Data Breaches
Hacker breaches security firm in act of revenge
ZDNet Security, Jul 13 2020 02:53
Hacker claims to have stolen more than 8,200 databases from a security firm's data leak monitoring service.
Yahoo Breach Payout Deadline Is In 1 Week—Here’s How To Claim
Forbes – Cybersecurity RSS, Jul 12 2020 09:53
The Yahoo breach payout deadline of July 20 is fast approaching. Here’s how to find out if you are eligible for a payout and file a claim.
mikko – The system was breached by a highly sophisticated actor.
mikko – Twitter, Jul 12 2020 23:21
The system was breached by a highly sophisticated actor.
ZDNet – Majority of firms concerned about public cloud security, most have suffered breach https://t.co/SsTUOXrht7
ZDNet – Twitter, Jul 12 2020 11:00
Majority of firms concerned about public cloud security, most have suffered breach…
Hacker Groups
Fancy Bear
CERT-EU – Latest Articles Ongoing Threats – RSS, Jul 13 2020 01:11
The “spear-phishing” attacks — in which hackers send out phony emails intended to trick people into visiting websites that look authentic but in fact enable them to infiltrate their victims’ corporate computer systems — were tied to the APT28 hacking…
Cosmic Lynx Threat Dossier: The Rise of Russian BEC
CERT-EU – Latest Articles Ongoing Threats – RSS, Jul 13 2020 01:11
First-ever reported Russian BEC ring represents the future of high-risk email attacks. Cosmic Lynx is a Russia-based BEC cybercriminal organization that has significantly impacted the email threat landscape with sophisticated, high-dollar phishing…
anon_indonesia – The Anonymous Indonesia News Daily is out! https://t.co/kvi4Vuhyof #jakpost
anon_indonesia – Twitter, Jul 13 2020 03:15
The Anonymous Indonesia News Daily is out! https://paper.li/anon_indonesia/1435572762?edition_id=0a1614e0-c4b7-11ea-b578-002590a5ba2d #jakpost
TweeterCyber – #APT33 #PoshC2
Potential APT33 PoshC2 Powershell payload uploaded from UK. Probably someone is already trying to an… https://t.co/aHCMsXMAZ5
TweeterCyber – Twitter, Jul 12 2020 16:20
#APT33 #PoshC2
Potential APT33 PoshC2 Powershell payload uploaded from UK. Probably someone is already trying to analyse it.
C2:investersalliance[.]net
MD5: 230ca8d0a05178ac69d34e802f1d949d
Checkout previous APT33 PoshC2 analysis by @Arkbird_SOLG…
Malware
Word Macro Drops IcedID Trojan – Malware Analysis
Reverse Engineering, Jul 12 2020 10:22
submitted by /u/anuraggawande [link]…
ZDNet – Researchers connect Evilnum hacking group to cyberattacks against Fintech firms https://t.co/HKu5KJjqCL
ZDNet – Twitter, Jul 12 2020 19:45
Researchers connect Evilnum hacking group to cyberattacks against Fintech firms…
Malware adds Any.Run sandbox detection to evade analysis
BleepingComputer.com, Jul 12 2020 17:39
Malware developers are now checking if their malware is running in the Any.Run malware analysis service to prevent their malware from being easily analyzed by researchers. […]
CyberScoopNews – How do you fight off a ransomware attack? https://t.co/fqdZEGNJXG
CyberScoopNews – Twitter, Jul 12 2020 13:28
How do you fight off a ransomware attack? https://hubs.ly/H0spBf00
Vulnerabilities
cybersecboardrm – Kasa camera flaw allows enumerating usernames for credential stuffing #Cybersecurity #camera #security https://t.co/JX8pjqKdaR
cybersecboardrm – Twitter, Jul 12 2020 21:47
Kasa camera flaw allows enumerating usernames for credential stuffing #Cybersecurity #camera #security https://www.hackread.com/kasa-camera-flaw-enumerating-usernames-credential-stuffing/
cybersecboardrm – KingComposer patches XSS flaw impacting 100,000 WordPress websites #Cybersecurity #digital #security https://t.co/YaLIO9JMrY
cybersecboardrm – Twitter, Jul 13 2020 04:30
KingComposer patches XSS flaw impacting 100,000 WordPress websites #Cybersecurity #digital #security…
HackRead – RT @QuiteHacker: #TPLink Family of Kasa #Security #Cams Vulnerable to Attack
Researcher warns the highly-rated Kasa family of security ca…
HackRead – Twitter, Jul 12 2020 16:35
RT @QuiteHacker: #TPLink Family of Kasa #Security #Cams Vulnerable to Attack
Researcher warns the highly-rated Kasa family of security cameras have bugs that give hackers access to private video feeds and settings.
#cybersecurity #vulnerability…
teamcymru – #Attackers are probing #Citrix controllers and gateways through recently patched flaws #infosec… https://t.co/h6F7Cessum
teamcymru – Twitter, Jul 12 2020 16:54
#Attackers are probing #Citrix controllers and gateways through recently patched flaws #infosec https://bit.ly/2ZVSCe3 https://twitter.com/teamcymru/status/1282357559719088131/photo/1
Ongoing Campaigns
TripwireInc – Senior executives at Fortune 500 and Global 2000 companies are being targeted by Cosmic Lynx in highly professional… https://t.co/gdNoNgJcia
TripwireInc – Twitter, Jul 12 2020 10:00
Senior executives at Fortune 500 and Global 2000 companies are being targeted by Cosmic Lynx in highly professional Business Email Compromise (BEC) attacks.
@gcluley explores the anatomy of these…
DrunkBinary – @k_sec On my side none, but different vertical for targeting than in my purview. Looking at VT, mostly just Zekapab… https://t.co/28DCJvC5W2
DrunkBinary – Twitter, Jul 12 2020 05:12
@k_sec On my side none, but different vertical for targeting than in my purview. Looking at VT, mostly just Zekapab variants being uploaded in the wild. Lots of Turla and Gamaredon Group though, which is fun and interesting.
CyberScoopNews – Denial of service attacks against advocacy groups skyrocket https://t.co/DxzNhF7lP9
CyberScoopNews – Twitter, Jul 12 2020 16:03
Denial of service attacks against advocacy groups skyrocket https://hubs.ly/H0spwYp0
How I was able to change victim’s password using IDN Homograph Attack
InfoSec Bug Bounty Write-ups – RSS, Jul 12 2020 13:54
Hey guys Abhishek this side. This is my first writeup. This article is about a vulnerability I was able to find in the BugCrowd private program. What is IDN homograph attack? The …

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.

Silobreaker Daily Cyber Alert
