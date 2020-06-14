Silobreaker

Cyber Alert – 14 June 2020

Silobreaker’s Daily Cyber Alert is created and distributed automatically by using our award-winning intelligence product Silobreaker Online.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
Black Kingdom Ransomware 3 4
Gamaredon Group 4 28
Parallax RAT 2 2
ActionSpy 2 11
BluTeal Trojan 1 1
Donot Team 1 1
TA505 1 5
Valak Malware 2 15
APT28 1 6
Shiny Hunters 1 1
Data Breaches
Secnewsbytes – Hackers are quick to notice exposed Elasticsearch servers https://t.co/RaJXy9saBe
Secnewsbytes – TwitterJun 13 2020 08:05
Hackers are quick to notice exposed Elasticsearch servers https://www.bleepingcomputer.com/news/security/hackers-are-quick-to-notice-exposed-elasticsearch-servers/
Secnewsbytes – Italian company exposed as a front for malware operations | ZDNet https://t.co/ltdg9bBPve
Secnewsbytes – TwitterJun 13 2020 08:24
Hacker Groups
Team GhostShell are back with a bang
TSecurity.deJun 13 2020 19:31
They are back again after almost three years! Team GhostShell, a well-known hacking group, has returned with hacks and database leaks. The hacking group claims to have leaked data from various websites within 24 hours. On June 29, the team posted on…
Gamaredon Group Using Fresh Tools to Target Outlook
CyberSecurityBoard.com – RSSJun 13 2020 22:47
The Gamaredon hacking group is now using a new set of malicious tools to compromise Microsoft Outlook as a way of sending spear-phishing emails to victims' contact … …
Malware
Ransomware victims keep paying, and ransomware groups keep growing
Office of Inadequate SecurityJun 13 2020 13:44
Graham Cluley writes: The City of Florence in northern Alabama has agreed to pay a ransom of US $300,000 worth of Bitcoin to…
Black Kingdom ransomware hacks networks with Pulse VPN flaws
BleepingComputer.comJun 13 2020 14:15
Operators of Black Kingdom ransomware are targeting enterprises with unpatched Pulse Secure VPN software or initial access on the network, security researchers have found. […]
jabolins – RT @chey_cobb: Ransomware ~
Cyber gangs often inhabit a network for months doing recon work before they activate ransomware. You practical…
jabolins – TwitterJun 13 2020 12:05
RT @chey_cobb: Ransomware ~
Cyber gangs often inhabit a network for months doing recon work before they activate ransomware. You practically have to rebuild a network from scratch to get rid of all the hidden malicious code that comes with these…
kaspersky – Searching around for a STOP/Djvu ransomware decryptor? Be on the lookout for fake decryptors created by cybercrimin… https://t.co/2GTQRmxukg
kaspersky – TwitterJun 13 2020 20:33
Searching around for a STOP/Djvu ransomware decryptor? Be on the lookout for fake decryptors created by cybercriminals used to distribute ransomware. https://kas.pr/za9v https://twitter.com/kaspersky/status/1271903437937152006/photo/1
Vulnerabilities
Ongoing Campaigns
Let’s Bypass CSRF Protection & Password Confirmation to Takeover Victim Accounts 😀
InfoSec Bug Bounty Write-ups – RSSJun 13 2020 12:28
Let’s Bypass CSRF Protection & Password Confirmation to Takeover Victim Accounts :D Cross-Site Request Forgery (CSRF) is hardly seen with new frameworks but is yet exploitable like old beautiful days. CSRF, a long story short is an attack…

