Cyber Alert – 14 June 2020
|Heat – Trending Malware and Threat Actors
|Name |Heat 1 |Heat 7 |Vol 1 |Vol 7
|Black Kingdom Ransomware |3 |4
|Gamaredon Group |4 |28
|Parallax RAT |2 |2
|ActionSpy |2 |11
|BluTeal Trojan |1 |1
|Donot Team |1 |1
|TA505 |1 |5
|Valak Malware |2 |15
|APT28 |1 |6
|Shiny Hunters |1 |1
|Hacker Groups
|Team GhostShell are back with a bang
|TSecurity.de – Jun 13 2020 19:31
|They are back again after almost three years! Team GhostShell, a well-known hacking group, has returned with hacks and database leaks. The hacking group claims to have leaked data from various websites within 24 hours. On June 29, the team posted on…
|Gamaredon Group Using Fresh Tools to Target Outlook
|CyberSecurityBoard.com – RSS – Jun 13 2020 22:47
|The Gamaredon hacking group is now using a new set of malicious tools to compromise Microsoft Outlook as a way of sending spear-phishing emails to victims' contact …
|Malware
|Ransomware victims keep paying, and ransomware groups keep growing
|Office of Inadequate Security – Jun 13 2020 13:44
|Graham Cluley writes: The City of Florence in northern Alabama has agreed to pay a ransom of US $300,000 worth of Bitcoin to…
|Black Kingdom ransomware hacks networks with Pulse VPN flaws
|BleepingComputer.com – Jun 13 2020 14:15
|Operators of Black Kingdom ransomware are targeting enterprises with unpatched Pulse Secure VPN software or initial access on the network, security researchers have found. […]
|jabolins – Twitter – Jun 13 2020 12:05
|RT @chey_cobb: Ransomware ~
Cyber gangs often inhabit a network for months doing recon work before they activate ransomware. You practically have to rebuild a network from scratch to get rid of all the hidden malicious code that comes with these…
|kaspersky – Twitter – Jun 13 2020 20:33
|Searching around for a STOP/Djvu ransomware decryptor? Be on the lookout for fake decryptors created by cybercriminals used to distribute ransomware. https://kas.pr/za9v https://twitter.com/kaspersky/status/1271903437937152006/photo/1
|Vulnerabilities
|Ongoing Campaigns
|Let’s Bypass CSRF Protection & Password Confirmation to Takeover Victim Accounts 😀
|InfoSec Bug Bounty Write-ups – RSS – Jun 13 2020 12:28
|Cross-Site Request Forgery (CSRF) is hardly seen with new frameworks but is yet exploitable like old beautiful days. CSRF, a long story short is an attack…
