16 November 2020

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
Mount Locker Ransomware 3 5
Drovorub 3 11
FakeToken 2 2
Svpeng Trojan 2 2
Asacub Malware 2 2
Hqwar 2 2
Vicious Panda 2 3
VandaTheGod 3 15
Egregor Ransomware 4 13
Shiny Hunters 2 8
Data Breaches
Shiny Hacker hacked Pluto TV service, 3.2M accounts exposed
Security Affairs – Nov 15 2020 11:02
A hacker has shared 3.2 million Pluto TV user accounts on a hacking forum for free, he claims they were stolen by ShinyHunters threat actor. Pluto TV is an American internet television service,…

securityaffairs – #ShinyHunters hacked Pluto TV service, 3.2M accounts exposed https://t.co/flTEIqFM22 #securityaffairs #hacking
securityaffairs – Twitter – Nov 15 2020 11:07

securityaffairs – #ShinyHunters hacked Pluto TV service, 3.2M accounts exposed https://t.co/flTEIqFM22 #securityaffairs #hacking
securityaffairs – Twitter – Nov 15 2020 20:20

Healthcare organizations are sitting ducks for attacks and breaches
Help Net Security – News – Nov 16 2020 06:00
Seventy-three percent of health system, hospital and physician organizations report their infrastructures are unprepared to respond to attacks. The survey results estimated 1500 healthcare providers are vulnerable to data breaches of 500 or more…

Hacker Groups
Chat Digest – Ghost Squad Hackers 2020/11/15 22:39 – 22:39 UTC
“Ghost Squad Hackers” – Telegram – Nov 15 2020 22:39
[22:39] : I’m Online now [22:39] :

Treadstone71LLC – Monte Melkonian Cyber Army destroyed all critical points Azerbaijani “AgroDairy” – Moo https://t.co/8X6NS73mRu
Treadstone71LLC – Twitter – Nov 15 2020 15:52
Monte Melkonian Cyber Army destroyed all critical points Azerbaijani “AgroDairy” – Moo https://cybershafarat.com/2020/11/15/monte-melkonian-cyber-army-destroyed-all-critical-points-azerbaijani-agrodairy-moo/

g0tmi1k – RT @fozavci: The TA505+ Adversary Simulation exercise presented in Purple Team Summit is available on GitHub. Feel free read, apply or run.…
g0tmi1k – Twitter – Nov 15 2020 08:44
RT @fozavci: The TA505+ Adversary Simulation exercise presented in Purple Team Summit is available on GitHub. Feel free read, apply or run. Presentation is also uploaded. https://github.com/fozavci/ta505plus

ShinyHunters hacked Pluto TV service, 3.2M accounts exposed
TerabitWeb Blog – RSS – Nov 15 2020 11:02
Original Post from Security Affairs Author: Pierluigi Paganini A hacker has shared 3.2 million Pluto…

Malware
The Olympic Destroyer – 2018
MalwareTips.com – Nov 15 2020 13:53
Olympic Destroyer tells the…

Dinosn – Retail giant Cencosud hit by Egregor Ransomware attack, stores impacted https://t.co/h9wtJQ6UMp
Dinosn – Twitter – Nov 15 2020 08:15
Retail giant Cencosud hit by Egregor Ransomware attack, stores impacted https://www.bleepingcomputer.com/news/security/retail-giant-cencosud-hit-by-egregor-ransomware-attack-stores-impacted/

Egregor ransomware causes printers to spit out ransom notes
Office of Inadequate Security – Nov 16 2020 01:44
In a somewhat novel approach to ensuring that their victim knows they have been hacked and their systems locked up, the…

DarkSide ransomware’s Iranian hosting raises U.S. sanction concerns
MalwareTips.com – Nov 15 2020 16:47
Ransomware negotiation firm Coveware has placed the DarkSide operation on an internal restricted list after the threat actors announced plans to host infrastructure in Iran. When the…

Vulnerabilities
CVEnew – CVE-2020-25694 A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before… https://t.co/Ifka1Ao8Ev
CVEnew – Twitter – Nov 16 2020 01:45
CVE-2020-25694 A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If a client application that creates additional database connections only reuses the basic connection…

CVEnew – CVE-2020-25695 A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before… https://t.co/T3FEhXzxxi
CVEnew – Twitter – Nov 16 2020 01:45
CVE-2020-25695 A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. An attacker having permission to create non-temporary objects in at least one schema can execute arbitrary…

CVEnew – CVE-2019-19560 An authentication bypass in the debug interface in Mercedes-Benz HERMES 1.5 allows an attacker with… https://t.co/RPTVZRme3I
CVEnew – Twitter – Nov 16 2020 00:45
CVE-2019-19560 An authentication bypass in the debug interface in Mercedes-Benz HERMES 1.5 allows an attacker with physical access to device hardware to obtain system information. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19560

CVEnew – CVE-2019-19561 A misconfiguration in the debug interface in Mercedes-Benz HERMES 1.5 allows an attacker with direct… https://t.co/4JF3KjFuf0
CVEnew – Twitter – Nov 16 2020 00:45
CVE-2019-19561 A misconfiguration in the debug interface in Mercedes-Benz HERMES 1.5 allows an attacker with direct physical access to device hardware to obtain cellular modem information. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19561…

Ongoing Campaigns
ENISA: Top 15 Threats: Spam, Phishing, and Malware!
CyberCrime & Doing Time – Nov 16 2020 00:03
ENISA's Top 15 Threats report starts with this summary document: …

Correction and Update: Mount Locker team denies responsibility for Sonoma Valley Hospital attack
DataBreaches.net – Nov 15 2020 20:18
On November 9, DataBreaches.net published “Without Undue Delay” which catalogued health sector ransomware attacks where attackers had dumped patient data as part of an attempt to pressure their victims into paying ransom. That report was…

Security Affairs newsletter Round 289
Security Affairs – Nov 15 2020 13:06
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box…

The North Face website suffered a credential stuffing attack
Security Affairs – Nov 15 2020 14:27
Retail giant The North Face has reset the passwords for some of its customers in response to a successful credential stuffing attack. Outdoor retail giant The North Face has forced a password reset for a number of its customers following a…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.

Silobreaker