Cyber Alert – 16 July 2020
|Heat – Trending Malware and Threat Actors
|Name
|Heat 1
|Heat 7
|Vol 1
|Vol 7
|APT34
|13
|16
|Grandoreiro Malware
|10
|13
|Guildma Trojan
|9
|12
|Melcoz
|9
|18
|Javali Trojan
|9
|19
|GoldenHelper
|6
|16
|Stuxnet
|8
|12
|EMOTET Trojan
|6
|14
|WannaCry Ransomware
|5
|10
|Gaza Cybergang
|3
|6
|Data Breaches
|Digital Shadows launches validation for exposed credentials alerting, enabling organizations to find out instantly if breached login details are a current risk
|Security Bloggers Network – Jul 15 2020 13:51
|New service leverages database of 15 billion breached credentials to remove the time spent triaging invalid or duplicate entries London and San Francisco, July 15, 2020 – Digital Shadows, the leader in digital risk protection, has today…
|UK: South East Coast Ambulance employee personal and medical details exposed
|DataBreaches.net – Jul 15 2020 11:53
|Charlie Harman reports: The South East Coast Ambulance Service has experienced a massive data breach and has referred itself to a privacy watchdog. In May, the personal and medical details of all ambulance staff could have been seen by employees…
|No-Log VPNs Exposed Users’ Logs and Personal Details for All to See
|Office of Inadequate Security – Jul 15 2020 15:43
|Ugh. vpnMentor reports: A group of free VPN (virtual private network) apps left their server completely open and…
|Hacker Groups
|Exclusive, Ghost Squad Hackers defaced European Space Agency (ESA) site
|CERT-EU – Latest Articles Ongoing Threats – RSS – Jul 15 2020 13:44
|Read the original article: Exclusive, Ghost Squad Hackers defaced European Space Agency (ESA) site A group of hacktivists that goes online with the name Ghost Squad Hackers has defaced a site of the European Space Agency (ESA). A group of hackers…
|CIA behind APT34 and FSB hacks and data dumps
|Hacker News – Jul 15 2020 13:51
|Comments
|Malware
|GoldenHelper, a new malware delivered via Chinese tax software
|Security Affairs – Jul 15 2020 11:32
|Security researchers discovered another malware family delivered through tax software that some businesses operating in China are required to install. Security researchers at Trustwave have discovered another malware family delivered through tax…
|Code analysis of CryCryptor Ransomware and its vulnerability that allowed to create a decryption tool
|Reverse Engineering – Jul 15 2020 09:57
|submitted by /u/barakadua131 [link] [comments]
|10th Anniversary Of The Stuxnet Virus – What Is Its Significance Today?
|Information Security Buzz – Jul 15 2020 10:54
|marks 10 years since the Stuxnet virus was revealed, the malicious worm that infected 100,000 computers .
|Vulnerabilities
|PATCH NOW – SIGRed – CVE-2020-1350 – Microsoft DNS Server Vulnerability, (Wed, Jul 15th)
|CERT-EU VulnerabilitiesApplications – Jul 15 2020 07:54
|* THIS POST WILL BE UPDATED AS NEW INFORMATION BECOMES AVAILABLE * Yesterday, Microsoft released a patch for CVE-2020-1350, fixing a critical vulnerability in it's DNS server. The vulnerability is 17 years old. All current versions of Microsoft's…
|Oracle releases fix for 443 vulnerabilities affecting 130 products. 100 flaws with CCV score of 9.8 or higher
|CERT-EU VulnerabilitiesApplications – Jul 15 2020 23:55
|Oracle Communications Applications. Patches for Oracle Communications Applications include 60 updates; 46 of these vulnerabilities could even be remotely exploited with no victims’ interaction. Oracle E-Business Suite. This product received 30 new…
|Ongoing Campaigns
|20% of credential stuffing attacks target media companies
|Help Net Security – News – Jul 16 2020 04:00
|The media industry suffered 17 billion credential stuffing attacks between January 2018 and December 2019, according to a report from Akamai. The apparent fourfold increase in attacks is partly attributable to the enhanced visibility into the…
|Yet Another Huge DDoS Attack Disclosed – Cloudflare Networks Flooded
|Cyware – Jul 15 2020 06:54
|There has been a surge in Internet traffic and DDoS attacks, and over time, the complexity of these attacks has been elevating. Amidst the COVID-19 pandemic, hackers are trying to find new and challenging ways to penetrate the network, as was…
|SMS Phishing Scam Targeting HSBC UK Customers
|Cyware – Jul 15 2020 06:54
|In recent times, there has been an increase in sophisticated phishing scams designed to trick victims into handing over their personal financial details. A similar SMS phishing (SMShing) attack has been observed targeting HSBC UK customers recently. W…
|‘Tetrade’ Brazilian Banking Trojans Go International
|Security Week – Jul 15 2020 14:06
|The Brazilian cybercriminals behind four banking Trojans collectively dubbed “Tetrade” have decided to expand their business and started targeting victims internationally, Kaspersky’s security researchers reveal. The four banking Trojan families –…
