13 October 2020

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
Trickbot Malware 131 177
Ryuk Ransomware 19 50
Clop Ransomware 11 35
BazarLoader 9 16
BazarBackdoor 9 19
LulzSec 3 3
Trickbot Gang 3 4
Maze Ransomware 8 15
Feodo Trojan 2 2
Dyreza Trojan 2 2
Data Breaches
Secnewsbytes – Prison video visitation system exposed calls between inmates and lawyers | Engadget https://t.co/uONwZGBsvv
Secnewsbytes – Twitter – Oct 12 2020 07:52
Prison video visitation system exposed calls between inmates and lawyers | Engadget https://www.engadget.com/prison-video-visitation-exposed-inmate-attorney-calls-194445024.html

Children and parent info exposed in Georgia DHS data breach
Seclists.org – Data Loss – Oct 12 2020 14:35
Posted by Destry Winant on Oct 12 https://www.zdnet.com/article/children-and-parent-info-exposed-in-georgia-dhs-data-breach/ Information for children and parents was accessed by hackers over the summer, the Georgia Department of Human Services…

Secnewsbytes – Children and parent info exposed in Georgia DHS data breach | ZDNet https://t.co/Ls0WhJloOe
Secnewsbytes – Twitter – Oct 12 2020 14:42
Children and parent info exposed in Georgia DHS data breach | ZDNet https://www.zdnet.com/article/children-and-parent-info-exposed-in-georgia-dhs-data-breach/

Potential data breach exposed in state’s travel exemption request system
Seclists.org – Data Loss – Oct 12 2020 14:34
Posted by Destry Winant on Oct 12…

Hacker Groups
Chat Digest – The 👻Shadow 👻Brokers 2020/10/12 16:21 – 16:21 UTC
“The 👻Shadow 👻Brokers” – Telegram – Oct 12 2020 16:21
[16:21] : /delall

nicoleperlroth – Most people in cybersecurity don’t know where the term “Advanced Persistent Threat” or “APT” came from. Now you kno… https://t.co/NTQHmuQaSF
nicoleperlroth – Twitter – Oct 12 2020 05:09
Most people in cybersecurity don't know where the term "Advanced Persistent Threat" or "APT" came from. Now you know.

BlackBerry uncovers massive hack-for-hire group BAHAMUT
Security Magazine – Oct 12 2020 11:41
BlackBerry released new research highlighting the true reach and sophistication of one of the most elusive, patient, and effective publicly known threat actors – BAHAMUT. In the report, BlackBerry researchers link the cyberespionage threat group to a…

Chat Digest – The 👻Shadow 👻Brokers 2020/10/12 16:21 – 16:41 UTC
“The 👻Shadow 👻Brokers” – Telegram – Oct 12 2020 16:21
[16:21] : /delall [16:26] : /delall [16:41] : Deleting…

Malware
Metacurity – RT @joetidy: Microsoft says it’s behind a big operation to take out a massive botnet called Trickbot that posed a risk of ransomware to US…
Metacurity – Twitter – Oct 12 2020 13:37
RT @joetidy: Microsoft says it’s behind a big operation to take out a massive botnet called Trickbot that posed a risk of ransomware to US Election. ‘We disrupted Trickbot through a court order… We have now cut off key infrastructure to prevent new…

InfoSecHotSpot – Microsoft on the counterattack! Trickbot malware network takes a hit The crooks haven’t yet been caught and arrest… https://t.co/mL3grRwauN
InfoSecHotSpot – Twitter – Oct 13 2020 01:58
Microsoft on the counterattack! Trickbot malware network takes a hit The crooks haven't yet been caught and arrested, but their malware distribution network has been hit hard. https://bit.ly/36VxaLn…

BazarLoader used to deploy Ryuk ransomware on high-value targets
MalwareTips.com – Oct 12 2020 17:01
The TrickBot gang operators are increasingly targeting high-value targets with the new stealthy BazarLoader trojan before deploying the Ryuk ransomware. […] In April 2020,…

GossiTheDog – No BazarLoader runs today.
GossiTheDog – Twitter – Oct 12 2020 21:11
No BazarLoader runs today.

Vulnerabilities
virusbtn – Microsoft reports that ransomware gangs like TA505 are now exploiting the ZeroLogon (CVE-2020-1472) vulnerability i… https://t.co/JdvGkq5lzH
virusbtn – Twitter – Oct 12 2020 12:41
Microsoft reports that ransomware gangs like TA505 are now exploiting the ZeroLogon (CVE-2020-1472) vulnerability in unpatched domain controllers…

CVE-2020-1472: Advanced Persistent Threat Actors Use Zerologon Vulnerability In Exploit Chain with Unpatched Vulnerabilities
Tenable Blog – Oct 12 2020 21:54
U.S. Government agencies issue joint cybersecurity advisory cautioning that advanced threat groups are chaining vulnerabilities together to gain entry into government networks and elevate privileges. Background On October 9, the Cybersecurity…

securityaffairs – RT @benvon: Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns https://t.co/gTVK727kR9 from @securityaffairs
securityaffairs – Twitter – Oct 12 2020 20:38
RT @benvon: Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns https://buff.ly/2IgZcqq from @securityaffairs

EduardKovacs – CISA and the FBI have spotted attacks aimed at government organizations in which attackers have chained the Zerolog… https://t.co/xz7LoTsUrM
EduardKovacs – Twitter – Oct 12 2020 13:31
CISA and the FBI have spotted attacks aimed at government organizations in which attackers have chained the Zerologon vulnerability with flaws impacting Fortinet and MobileIron products….

Ongoing Campaigns
Hackers Backstabbing Organizations with Supply Chain Attacks
Cyware – Oct 12 2020 18:36
Supply chain attacks, which are sometimes referred to as third-party attacks, can open target-rich surfaces for adversaries. According to a recent report from Accenture, these attacks are seen as one of the key trends in the future, risking the…

Anatomy Of Ryuk Attack: 29 Hours From Initial Email To Full Compromise
SecurityPhresh – Oct 13 2020 03:37
An attack involving the Ryuk ransomware required 29 hours from an email being sent to the target to full environment compromise and the encryption of systems, according to the DFIR Report, a project that provides threat intelligence from real…

Microsoft and partners unite to target Trickbot infrastructure in legal takedown
SC Magazine US – Oct 12 2020 16:44
Microsoft announced Monday morning that it has obtained a court order to dismantle Trickbot, a notorious botnet composed of millions of devices that U.S. officials worry could be used to sabotage state and local election-related IT systems ahead of…

Phishing Awareness Training Effective Only for a Few Months
LIFARS Blog – Oct 12 2020 13:15
In the majority of cyber breaches, phishing attacks are the root cause. Phishing awareness training sensitizes a company’s employees to possible phishing attacks….

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
