Cyber Alert – 13 May 2020
Silobreaker’s Daily Cyber Alert is created and distributed automatically by using our award-winning intelligence product Silobreaker Online.
| Heat – Trending Malware and Threat Actors | ||||
|---|---|---|---|---|
| Name | Heat 1 | Heat 7 | Vol 1 | Vol 7 |
| WannaCry Ransomware |  |
 |
10 | 12 |
| Lazarus Group | |
 |
8 | 25 |
| Magecart Group |  |
|
5 | 8 |
| Maze Ransomware | |
|
12 | 45 |
| Sodinokibi Ransomware | |
|
8 | 28 |
| Sphinx Trojan | |
|
4 | 10 |
| Shiny Hunters | |
|
4 | 19 |
| TA2101 | |
|
3 | 8 |
| Nefilim Ransomware | |
|
3 | 11 |
| Plurox Malware | |
 |
2 | 2 |
| Data Breaches |
| Digital Ocean says it exposed customer data after it left an internal document online |
| DataBreaches.net – May 12 2020 11:23 |
| Catalin Cimpanu reported this on May 8: Web hosting provider Digital Ocean is currently in the process of notifying some customers about a security lapse that exposed some of their account details. According to an email the company is currently… |
| Chatbooks Confirms Breach After Data Sale |
| News ≈ Packet Storm – May 12 2020 14:40 |
| Double Extortion: Data leak combined with ransomware have increased in recent weeks |
| Reddit – Netsec – May 12 2020 13:06 |
| submitted by /u/PENGUINPLOW [link]… |
| Hacker Groups |
| Shiny Hunters Group Puts Millions of Stolen Records for Sale on Dark Web |
| Cyware – May 12 2020 14:20 |
| A hacking group, Shiny Hunters, has started filling up a dark web marketplace with data stolen from nearly a dozen companies. This data comprised 73.2 million user records from these companies. What is happening The hacker group, earlier this week,… |
| Weekly Threat Briefing: APT Group, Linux Malware, Ransomware and More |
| ThreatStream Blog – May 12 2020 15:00 |
| The various threat intelligence stories in this iteration of the Weekly Threat Briefing discuss the following topics: APT, Bugs, Exploit, Healthcare Attacks, Naikon, and Vulnerabilities. The IOCs related to these stories… |
| Researcher finds 1,236 domains infected with credit card stealers |
| MalwareTips.com – May 12 2020 12:20 |
| A security researcher collected in a span of a few weeks over 1,000 domains infected with payment card skimmers, showing that the MageCart continues to be a prevalent threat that preys on insecure web shops. MageCart was first spotted over a decade… |
| FBI, DHS to go public with suspected North Korean hacking tools |
| Cyberscoop – News – May 12 2020 12:12 |
| The FBI and the Department of Homeland Security are preparing to jointly expose North Korean government-backed hacking this week, CyberScoop has learned. Threat data meant to help companies fend off hackers has already been shared with the… |
| Malware |
| Australian Transport Company Hit with Nefilim Ransomware Months after a Maito Ransomware Attack |
| HOTforSecurity – May 12 2020 15:15 |
| … |
| Details of celebrities stolen in REvil ransomware attack on high-profile law firm |
| SiliconANGLE – May 13 2020 02:57 |
| The REvil ransomware hacking group has successfully targeted Grubman Shire Meiselas & Sacks, a high-profile entertainment law firm that represents celebrities such as Lady Gaga, Madonna, Elton John, Barbara Streisand, Bruce Springsteen, Mariah… |
| On the three-year anniversary of WannaCry, US exposes new North Korean malware |
| ZDNet Zero Day Blog – May 12 2020 16:36 |
| US cyber-security officials expose today three new North Korean malware strains named COPPERHEDGE, TAINTEDSCRIBE, and PEBBLEDASH. |
| REvil Ransomware Attack Hits A-List Celeb Law Firm |
| Threatpost.com – May 12 2020 20:53 |
| Cybercriminals used the REvil ransomware to attack a law firm used by the likes of Lady Gaga, Drake and Madonna. Now, they're threatening to leak the 756 gigabytes of stolen data. |
| Vulnerabilities |
| Ongoing Campaigns |
Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.