16 October 2020

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
Cobalt Dickens 13 25
FIN11 16 61
Egregor Ransomware 11 13
Dridex Malware 11 19
GozNym Trojan 6 6
Trickbot Malware 33 280
SlothfulMedia 6 8
IAmTheKing 4 4
EMOTET Trojan 24 61
NotPetya Ransomware 3 4
Data Breaches
Barnes & Noble hit by cyberattack that exposed customer data
MalwareTips.com – Oct 15 2020 07:41
U.S. Bookstore giant Barnes & Noble has disclosed that they were victims of a cyberattack that may have exposed customers' data. Barnes & Noble is the largest brick-and-mortar bookseller in the United States, with over 600 bookstores in fifty…

Secnewsbytes – Barnes & Noble hit by cyberattack that exposed customer data https://t.co/2QC5qcvSdH
Secnewsbytes – Twitter – Oct 15 2020 07:54
Barnes & Noble hit by cyberattack that exposed customer data https://www.bleepingcomputer.com/news/security/barnes-and-noble-hit-by-cyberattack-that-exposed-customer-data/

cybersecboardrm – Barnes & Noble hit by cyberattack that exposed customer data #CyberAttack https://t.co/DXcazQs31v
cybersecboardrm – Twitter – Oct 15 2020 06:01
Barnes & Noble hit by cyberattack that exposed customer data #CyberAttack https://www.bleepingcomputer.com/news/security/barnes-and-noble-hit-by-cyberattack-that-exposed-customer-data/
Hacker Groups
Silent Librarian APT Targeting Universities with Spear Phishing Attacks
The State of Security – Oct 15 2020 11:32
Security researchers discovered that an APT group known as “Silent Librarian” is actively targeting universities with spear phishing attacks. Malwarebytes learned in mid-September that Silent Librarian, also known as…

FIN11: Widespread Email Campaigns as Precursor for Ransomware and Data Theft
DataBreaches.net – Oct 15 2020 12:31
Genevieve Stark, Andrew Moore, Vincent Cannon, Jacqueline O’Leary, Nalani Fraser, and Kimberly Goody of FireEye write: Mandiant Threat Intelligence recently promoted a threat cluster to a named FIN (or financially motivated) threat group for the…

Silent Librarian APT Targets 20/21 Academic year
IBM X-Force Exchange – Advisory Tag – RSS – Oct 15 2020 20:21
Summary: In an ever-changing technological landscape, threat actors continue to leverage the many benefits. As an Iranian APT identified as Silent Librarian has revived previous operations geared towards targeting schools and universities in hopes of…

TeamTNT Attack Highlights the Need for Cloud Governance
DigitalMunition – Oct 16 2020 04:25
We’ve all heard about people exposing vast databases by accident in the cloud, but what about those hapless cloud admins that hand over the reins to their container-based applications? It’s a growing trend, and it’s a symptom of the same problem:…
Malware
Troystealer malware: What it is, how it works and how to prevent it | Malware spotlight
Security Bloggers Network – Oct 15 2020 13:03
We are living in an era where malware is part of our daily lives. Emergent campaigns are increasing, each more sophisticated and harder to detect than the last. Malware can reveal itself through different abnormal behaviors, including a giant wave…

Ryuk: How this Evolving Ransomware is Targeting Giant Enterprises
Cyware – Oct 15 2020 18:36
Ryuk ransomware has been in the business since 2018 and is known for targeting big organizations. The ransomware is operated by a Russia-based criminal group known as Wizard Spider. Recently, Ryuk has been observed deploying BazarLoader, a trojan…

InfoSecHotSpot – IAmTheKing and the SlothfulMedia malware family The DHS CISA agency released information about a malware family cal… https://t.co/2vWpmKgt2x
InfoSecHotSpot – Twitter – Oct 15 2020 14:58
IAmTheKing and the SlothfulMedia malware family The DHS CISA agency released information about a malware family called SlothfulMedia, which they attribute to a sophisticated threat actor. We have been tracking this set of activity through our private…

The Ryuk Ransomware Gang Is Surely Not Dead or Replaced by Conti
TechNadu – Oct 15 2020 10:03
The Ryuk group of actors has re-emerged from the shadows, targeting a corporate network with new tricks. The hackers demonstrate a shift from botnets to “hands-on” tools like Cobalt Strike and GMER. The attack relied on the launch of a sophisticated…
Vulnerabilities
EduardKovacs – The United States Cyber Command warns that users should apply the recent patches for Microsoft software, particular… https://t.co/mGohwUh5gU
EduardKovacs – Twitter – Oct 15 2020 11:39
The United States Cyber Command warns that users should apply the recent patches for Microsoft software, particularly for the “Bad Neighbor” Ping of Death Windows flaw….

johullrich – Quick blog post about CVE-2020-16898 and “Bad Neighbor” vulnerability. It’s not the end of the world. #cve202016898… https://t.co/5QHF5uIoza
johullrich – Twitter – Oct 15 2020 18:42
Quick blog post about CVE-2020-16898 and "Bad Neighbor" vulnerability. It's not the end of the world. #cve202016898 #ipv6 #BadNeighbor

Community detection: CVE-2020-16898
Security Bloggers Network – Oct 15 2020 17:00
By Ben Reardon, Corelight Security Researcher. This month’s Microsoft Patch Tuesday included a severe Remote Code Execution vulnerability in the way that Windows TCP/IP handles IPv6 “Router Advertisement” ICMP messages. Due to the severity and wide…

CVE-2020-15157 “ContainerDrip” Write-up
Reddit – Netsec – Oct 16 2020 03:43
submitted by /u/freakwin
Ongoing Campaigns
Operation Quicksand
ClearSky Cybersecurity – Oct 15 2020 15:00
During September 2020, we identified a new campaign targeting many prominent Israeli organizations. The campaign was attributed to the Iranian threat actor ‘MuddyWater’ (also known as TEMP.Zagros, Static Kitten and Seedworm). MuddyWater…

COVID-19 Attacks – Defending Your Organization
ThreatStream Blog – Oct 15 2020 14:00
Overview: The Coronavirus 2019 (COVID-19) global pandemic has caused widespread fear of the unknown and deadly aspects of this novel virus, generated growth in certain industries to combat it, and created a shift toward remote work environments to…

What Is a Vishing Attack and How to Protect Yourself Against It?
TechNadu – Oct 15 2020 13:40
You’ve probably heard of phishing. It’s a scamming technique where an email or other digital message is sent to you, pretending to be a bank or online service. You’ll be told something is amiss. Perhaps your password has expired, or it’s your…

What Is A DDoS Attack? Everything You Need To Know About Distributed Denial-of-Service Attacks And How To Protect Against Them
SecurityPhresh – Oct 15 2020 12:03
DDoS attacks are one of the crudest forms of cyberattacks, but they're also one of the most powerful and can be difficult to stop. Learn how to identify and protect against DDoS attacks with this guide.

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
