Cyber Alert – 17 March 2020
|Heat – Trending Malware and Threat Actors
|Name |Heat 1 |Heat 7 |Vol 1 |Vol 7
|APT36 |6 |6
|DarkComet |3 |3
|MSIL/Crimson |3 |3
|BreachRAT |3 |3
|LuminosityLink RAT |3 |3
|CovidLock |3 |4
|PXJ Ransomware |3 |6
|njRAT Malware |3 |11
|SWEED |2 |2
|GlobeImposter Ransomware |2 |2
|Data Breaches
|Princess Cruises reports 2019 data breach
|IT Security Guru – Mar 16 2020 11:05
|Princess Cruises has reported a data breach where an unsanctioned third party gained unauthorised access to some employee email accounts that contained personal information regarding its employees, crew, and guests. The company identified suspicious…
|Illinois College Suffers Data Breach
|Infosecurity – Latest News – Mar 16 2020 19:07
|An Illinois college is offering nearly free credit monitoring to over 1,700 current and former employees following a recent data breach. Officials at the College of…
|Aerial Direct, the O2’s largest UK partner suffered a data breach
|Security Affairs – Mar 16 2020 22:53
|Hackers have stolen O2 customers’ data from a database run by Aerial Direct, one of the largest UK partners of the telecommunications services provider. Hackers have stolen the data of O2 customers from a database operated by Aerial Direct, which…
|Open Exchange Rates discloses a security breach
|Security Affairs – Mar 16 2020 10:56
|Last week, Open Exchange Rates disclosed a data breach that exposed the personal information and hashed passwords for customers of its API service. Last week, the currency data provider Open Exchange Rates has disclosed a data breach that exposed…
|Hacker Groups
|APT36 jumps on the coronavirus bandwagon, delivers Crimson RAT
|Malwarebytes Unpacked – Mar 16 2020 15:00
|Since the coronavirus became a worldwide health issue, the desire for more information and guidance from government and health authorities has reached a fever pitch. This is a …
|Threat group dons COVID guise for cyber-attack
|SC Magazine UK – Mar 16 2020 17:10
|News by Chandu Gopalakrishnan. Nation-state threat groups have joined cyber-criminals and phishing cartels in using the COVID-19 scare for targeted attacks…
|COVID-19 Themed Phishing Campaigns Continue
|SecurityPhresh – Mar 16 2020 15:22
|Another COVID-19 (Coronavirus) phishing campaign has been discovered — this one apparently operated by the Pakistan-based APT36, which is thought to be nation-backed. APT36 has been active since 2016, and possibly earlier, performing cyber…
|Foreign APT groups use coronavirus phishing lures to drop RAT malware
|SC Magazine US – Mar 16 2020 20:52
|Each day, as the novel coronavirus multiplies and spreads, so do cyber scams capitalizing on users’ fears and thirst for knowledge concerning this pandemic. The perpetrators, and their victims, are based all over the world, as evidenced by two…
|Malware
|CoronaVirus Ransomware
|Security Bloggers Network – Mar 17 2020 00:12
|These days, when the world is focused on getting a handle on the COVID-19 crisis, cybercriminals are taking advantage of our desire for information. We’re seeing all kinds of attacks leveraging the Coronavirus or COVID-19… The post …
|PXJ Ransomware Campaign Identified by X-Force IRIS
|DataBreaches.net – Mar 16 2020 11:45
|Megan Roddie and Limor Kessem write: In a recent analysis from IBM’s X-Force Incident Response and Intelligence Services (IRIS), our team discovered activity related to a new strain of ransomware known as “PXJ” ransomware. This malware is also known…
|2020-03-16 – Quick post: malspam known for Ursnif switches to IcedID
|Malware-Traffic-Analysis.net – Blog Entries – Mar 17 2020 00:51
|Experts warn of a new strain of ransomware, the PXJ Ransomware
|Security Affairs – Mar 16 2020 08:40
|Experts warn of a new malware strain, dubbed PXJ Ransomware, that does share the same underlying code with existing ransomware families. Security experts from IBM X-Force have spotted a new strain of ransomware, dubbed PXJ Ransomware, that does…
|Vulnerabilities
|Most organizations have yet to fix CVE-2020-0688 Microsoft Exchange flaw
|Security Affairs – Mar 16 2020 20:00
|Organizations are delaying in patching Microsoft Exchange Server flaw (CVE-2020-0688) that Microsoft fixed with February 2020 Patch Day updates…
