Cyber Alert – 17 August 2020
This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact productinfo[at]silobreaker[dot]com for more information.
|Heat – Trending Malware and Threat Actors
|Name |Heat 1 |Heat 7 |Vol 1 |Vol 7
|Karma Panda |8 |42
|Bisonal Malware |6 |28
|Adwind RAT |2 |2
|Drovorub |5 |90
|Gootkit |1 |1
|BlackWater Backdoor |1 |1
|The Shadow Brokers |1 |2
|Cult of the Dead Cow |1 |1
|IcedID Trojan |2 |15
|KONNI malware |1 |11
|Data Breaches
|Healthcare breaches declined sharply during the first half of 2020
|Help Net Security – News – Aug 17 2020 03:30
|This has been a very challenging year. Despite the COVID-19 outbreak starting in the first half of 2020, data analyzed from the Health and Human Services (HHS) Office for Civil Rights (OCR) Breach Portal shows that the number of patient data…
|Researchers detail a now fixed exploit in Alexa that could have exposed your voice history and personal information
|MalwareTips.com – Aug 16 2020 16:33
|Editor's take: Amazon has patched a serious flaw on its Alexa platform that allowed attackers to grab every bit of information from your Alexa device and Amazon account. This is a reminder that smart assistant devices are as vulnerable as they…
|CSOonline – #DataBreaches and #security incidents are becoming increasingly costly. How much more? One company spent $53 millio… https://t.co/0HgUkdBYaH
|CSOOnline – Twitter – Aug 16 2020 11:06
|#DataBreaches and #security incidents are becoming increasingly costly. How much more? One company spent $53 million after a breach exposed personal information of 2.9 million members. https://trib.al/NzIoDQp
@DanSwinhoe #cybersecurity #ransomware…
|Secnewsbytes – How To Stop Being The Last To Know When Your Data Is Breached https://t.co/6HJeQPzLeq
|Secnewsbytes – Twitter – Aug 16 2020 07:28
|How To Stop Being The Last To Know When Your Data Is Breached https://www.forbes.com/sites/suzannerowankelleher/2019/09/28/how-to-stop-being-the-last-to-know-when-your-data-is-breached/
|Hacker Groups
|Newly discovered APT group RedCurl offering hack-for-hire services, report warns
|Vyagers – RSS – Aug 16 2020 14:17
|…
|RedCurl Cyber Espionage Gang Targets Corporate Secrets
|Vyagers – RSS – Aug 16 2020 11:20
|https://www.databreachtoday.com/redcurl-cyber-espionage-gang-targets-corporate-secrets-a-14819
|StrongPity APT – Revealing Trojanized Tools, Working Hours and Infrastructure
|Vyagers – RSS – Aug 16 2020 19:21
|Iranian Chafer APT Targeted Air Transportation and Government in Kuwait and Saudi Arabia
|Vyagers – RSS – Aug 16 2020 19:25
|Malware
|Secnewsbytes – Even malware can have bugs: Emotet gang did not notice it for 6 months https://t.co/N0sDSRgN32
|Secnewsbytes – Twitter – Aug 16 2020 12:20
|Even malware can have bugs: Emotet gang did not notice it for 6 months https://www.2-spyware.com/even-malware-can-have-bugs-emotet-gang-did-not-notice-it-for-6-months
|Emotet Malware Returned with Massive Malspam Campaign
|E Hacking News – Aug 16 2020 16:40
|The Emotet authors are popular for capitalizing on trending events and holidays by disseminating customized templates in the form of Christmas and Halloween gathering invites. Similarly, the malicious gang has started a new campaign taking advantage of…
|IcedID Shows Obfuscation Sophistication in New Campaign
|MalwareTips.com – Aug 16 2020 18:41
|The malware's developers have turned to dynamic link libraries (DLLs) to hide their work. IcedID is malware that, like many others, is constantly evolving to avoid detection. Recently, researchers found that the malware's developer had implemented a…
|gh0std4ncer – RT @Cryptolaemus1: Emotet Report:
https://t.co/36csaIJgvw
https://t.co/O0vvboVgHL
Emotet Hash Bucket – 25,848 today + 14,897 yesterday for…
|gh0std4ncer – Twitter – Aug 17 2020 05:35
|RT @Cryptolaemus1: Emotet Report:
https://paste.cryptolaemus.com/emotet/2020/08/16/16-emotet-malware-IoCs_08-14-16-20.html
https://pastebin.com/raw/M4j8Qw84
Emotet Hash Bucket – 25,848 today + 14,897 yesterday for 40,745 total of hashes….
|Vulnerabilities
|All about Business Logic Flaws in Web Applications
|InfoSec Bug Bounty Write-ups – RSS – Aug 16 2020 23:33
|What are Business Logic Vulnerabilities? Business logic vulnerabilities are ways of using the legitimate processing flow of an application in a way that results in a negative consequence to the organizations. Let’s take an…
|High-Severity TinyMCE Cross-Site Scripting Flaw Fixed
|CERT-EU VulnerabilitiesApplications – Aug 16 2020 13:13
|A high-severity flaw has been disclosed in TinyMCE, an open-source text editor used in the content management systems (CMS) of websites. The recently patched flaw could have been potentially exploited remotely by attackers to gain administrative…
|Secnewsbytes – Cybersecurity: These two basic flaws make it easy for hackers to break into your systems | ZDNet https://t.co/xRxFip7rZs
|Secnewsbytes – Twitter – Aug 16 2020 08:03
|Cybersecurity: These two basic flaws make it easy for hackers to break into your systems | ZDNet https://www.zdnet.com/article/cybersecurity-these-two-basic-flaws-make-it-easy-for-hackers-to-break-into-you-systems/
|kaspersky – A whopping 54 flaws, some critical, have been patched as part of @Google’s most recent update to the #Android OS.… https://t.co/fEA8sr7cQJ
|kaspersky – Twitter – Aug 16 2020 13:00
|A whopping 54 flaws, some critical, have been patched as part of @Google's most recent update to the #Android OS.
Full @threatpost story 👇…
|Ongoing Campaigns
Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.