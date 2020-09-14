Cyber Alert – 14 September 2020
|Data Breaches
|Users of adult dating sites exposed in Mailfire data leak
|SiliconANGLE – Sep 14 2020 02:11
|A database belonging to an online marketing company has been found exposed online, with most of the records relating to users of adult dating websites. Discovered by researchers at vpnMentor and publicized today, the 882-gigabyte database was traced…
Razer data leak exposes personal information of gamers
|Metacurity – Twitter – Sep 13 2020 15:21
|Razer data leak exposes personal information of gamers https://www.bleepingcomputer.com/news/security/razer-data-leak-exposes-personal-information-of-gamers/#.X1441oic6IU.twitter
Active #phishing against @PayPal & @apple customers. Several domains hosted at 104.131.127[.]23. Kit exposed: "Fu*kEd By [!]DNThirTeen
|peterkruse – Twitter – Sep 13 2020 05:18
|Active #phishing against @PayPal & @apple customers. Several domains hosted at 104.131.127[.]23. Kit exposed: "Fu*kEd By [!]DNThirTeen
https://www.facebook[.com/groups/L34K.C0de/" https://twitter.com/peterkruse/status/1305012988257148928/photo/1
@jcase I heard rumors that there was some sort of partnership with Microsoft to include secret signatures to track down bad actors that would also be exposed, though I never saw them in the signatures.
|ErrataRob – Twitter – Sep 14 2020 02:35
|@jcase I heard rumors that there was some sort of partnership with Microsoft to include secret signatures to track down bad actors that would also be exposed, though I never saw them in the signatures.
|Hacker Groups
According to Microsoft, STRONTIUM (Russia's Fancy Bear) is behind a newly uncovered pattern of Office 365 credential harvesting activity aimed at US and UK organizations directly involved in political…
|TheHackersNews – Twitter – Sep 13 2020 16:32
|According to Microsoft, STRONTIUM (Russia’s Fancy Bear) is behind a newly uncovered pattern of Office 365 credential harvesting activity aimed at US and UK organizations directly involved in political…
APT Groups Increasingly Targeting Linux-Based Devices
|Infosecurity – Twitter – Sep 14 2020 02:37
|APT Groups Increasingly Targeting Linux-Based Devices http://dlvr.it/RgXxTW https://twitter.com/Infosecurity/status/1305334839403450368/photo/1
|Malware
|bartblaze – @silascutler @campuscodi @Prof_Rege Yeap indeed, CryptoLocker paved the way for others (CTB-Locker, CryptoWall whic… https://t.co/pToNJOsc5R
|bartblaze – Twitter – Sep 13 2020 16:20
|@silascutler @campuscodi @Prof_Rege Yeap indeed, CryptoLocker paved the way for others (CTB-Locker, CryptoWall which is also mentioned etc.), but the term "CryptoLocker" was also used to (mis)label any ransomware that encrypted files. Then 2016…
|Securityblog – RT @bad_packets: “Based on cyber insurance claims filed by customers who faced a ransomware attack in the first half of 2020, Coalition sai…
|Securityblog – Twitter – Sep 13 2020 11:31
|RT @bad_packets: "Based on cyber insurance claims filed by customers who faced a ransomware attack in the first half of 2020, Coalition said the Maze ransomware gang was the most greedy, with the group requesting ransom demands six times larger than…
|bartblaze – @silascutler @campuscodi @Prof_Rege Leaning towards the latter as well – I wonder if there’s much difference in res… https://t.co/vd7vWqGHQW
|bartblaze – Twitter – Sep 13 2020 16:01
|@silascutler @campuscodi @Prof_Rege Leaning towards the latter as well – I wonder if there's much difference in results for targeted sectors when we start counting from 2016, when actual targeted ransomware became more of a thing (SamSam and the…
|Fairfax County Public Schools hit by Maze ransomware
|Security Affairs – Sep 13 2020 17:08
|Fairfax County Public Schools (FCPS), one of the largest school divisions in the US, was hit by Maze ransomware operators. Fairfax County Public Schools (FCPS) was victim of an attack carried out by the Maze ransomware operators. FCPS is one…
|Vulnerabilities
|WILL THE NEW SHAREPOINT FLAW BECOME AN ACTORS’ FAVORITE?
|SenseCy Blog – Sep 13 2020 18:12
|…
|Test tool for CVE-2020-1472 (DC auth bypass)
|Reddit – Netsec – Sep 13 2020 11:06
|submitted by /u/djrevmoon [link] [comments]
|Week in review: PAN-OS flaws, securing AD accounts against password-based attacks
|Help Net Security – News – Sep 13 2020 09:00
|Here’s an overview of some of last week’s most interesting news, interviews and articles: Popular Android apps are rife with cryptographic vulnerabilities Columbia University researchers have released Crylogger, an open source dynamic…
Week in review: PAN-OS flaws, securing AD accounts against password-based attacks
|helpnetsecurity – Twitter – Sep 13 2020 10:00
|Week in review: PAN-OS flaws, securing AD accounts against password-based attacks – https://www.helpnetsecurity.com/2020/09/13/week-in-review-pan-os-flaws-securing-ad-accounts-against-password-based-attacks/…
|Ongoing Campaigns
|Security Affairs newsletter Round 281
|Security Affairs – Sep 13 2020 11:53
|A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box….
