17 October 2020

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.

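Heat – Trending Malware and Threat Actors

| Name | Heat 1 | Heat 7 | Vol 1 | Vol 7 |
|---|---|---|---|---|
| ThunderX Ransomware | | | 7 | 7 |
| Cobalt Dickens | | | 8 | 33 |
| Wizard Spider | | | 5 | 7 |
| Magecart Group | | | 6 | 9 |
| BazarLoader | | | 6 | 22 |
| MuddyWater Group | | | 4 | 7 |
| Ako Ransomware | | | 3 | 3 |
| LockBit Ransomware | | | 3 | 8 |
| Tihomirov (Threat Actor) | | | 2 | 2 |
| Methbot | | | 2 | 2 |

Data Breaches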
“Panion” Social Media App Exposed User Location Data
TechNadu – Oct 16 2020 12:18
A Swedish social media app left an AWS S3 bucket exposed to anyone with a web browser. The details that have been compromised include names, emails, images, private chats, and location coordinates. Panion should now undergo a GDPR investigation for…

Cosmote reveals cyber attack exposed telephone data from thousands of customers
DataBreaches.net – Oct 16 2020 17:47
Greek City Times reports: The largest mobile network operator in Greece, Cosmote, revealed that thousands of customers’ information was accessed during a cyber attack that occurred between September 1-5. The breach took place through a third country,…

Securityblog – Twitter – Oct 16 2020 18:30
RT @pry0cc: Anything you can do with an exposed nessus server?

British Airways Fined £20m For Magecart Hack That Exposed 400k Folks’ Credit Card Details To Crooks
SecurityPhresh – Oct 16 2020 12:05
Airline was saving domain admin creds and card details alike in plaintext. British Airways is to pay a £20m data protection fine after its 2018 Magecart hack even though the Information Commissioner’s Office discovered the airline had been saving…

Hacker Groups
2020-10-16 – TA551 (Shathak) Word docs push IcedID
Malware-Traffic-Analysis.net – Blog Entries – Oct 16 2020 20:54

FIN11 Hackers Expanding Their Horizon with Hybrid Extortion Attacks
Cyware – Oct 16 2020 18:36
FIN11, a financially-motivated hacker group, has been launching successful hybrid extortion attacks across the Commonwealth of Independent States (CIS) countries. It is believed that the FIN11 operators have changed their TTPs to include a diverse…

Iran-Linked ‘Silent Librarian’ Back at Phishing Universities
DataProtectionCenter – RSS – Oct 16 2020 08:54

Iran-Linked ‘Silent Librarian’ Back at Phishing Universities
SecurityWeek RSS Feed – Oct 16 2020 08:54
Iran-linked state-sponsored threat actor 'Silent Librarian' has launched another phishing campaign targeting universities around the world. Also tracked as TA407 and COBALT DICKENS, the adversary was previously observed…

Malware
malwrhunterteam – After SunCrypt (thread: https://t.co/cbi0idOf5y) started (or better said, first did it publicly), now there is anot… https://t.co/8ABcuYZcCV
malwrhunterteam – Twitter – Oct 16 2020 16:15
After SunCrypt (thread: https://twitter.com/malwrhunterteam/status/1313549314363359232) started (or better said, first did it publicly), now there is another ransomware gang that is threatening victim companies with DDoS…

BleepinComputer – The Ako Ransomware operators told us that ThunderX was a test version of their ransomware. They have now rebranded… https://t.co/LZ2uDuh9mq
BleepinComputer – Twitter – Oct 16 2020 23:17
The Ako Ransomware operators told us that ThunderX was a test version of their ransomware. They have now rebranded Ako and ThunderX into Ranzy Locker.

Article updated.

Ransomware: Once you’ve been hit your business is never the same again
ZDNet Security – Oct 16 2020 14:46
In addition to financial costs and reputational damage, a ransomware attack can also lower the confidence of your information security team too.

Trickbot On The Ropes: Microsoft’s Case Against Trickbot
CyberCrime & Doing Time – Oct 16 2020 15:34
Trickbot is having a truly bad time this month! While as of today, Trickbot binaries are being delivered by Emotet, there is every sign that they are struggling. Emotet's daily activities are best documented by a team of…

Vulnerabilities
Critical flaw in SonicWall’s firewalls patched, update quickly! (CVE-2020-5135)
Help Net Security – News – Oct 16 2020 10:52
Earlier this week SonicWall patched 11 vulnerabilities affecting its Network Security Appliance (NSA). Among those is CVE-2020-5135, a critical stack-based buffer overflow vulnerability in the appliances’ VPN Portal that could be exploited…

BrianHonan – via @helpnetsecurity Critical flaw in SonicWall’s firewalls patched, update quickly! (CVE-2020-5135) https://t.co/Et2m4FpuWX
BrianHonan – Twitter – Oct 16 2020 11:37
via @helpnetsecurity Critical flaw in SonicWall’s firewalls patched, update quickly! (CVE-2020-5135) https://bit.ly/344QYdk

InfoSecHotSpot – Critical flaw in SonicWall’s firewalls patched, update quickly! (CVE-2020-5135) Earlier this week SonicWall patched… https://t.co/9BnFDi9AYt
InfoSecHotSpot – Twitter – Oct 16 2020 15:58
Critical flaw in SonicWall’s firewalls patched, update quickly! (CVE-2020-5135) Earlier this week SonicWall patched 11 vulnerabilities affecting its Network Security Appliance (NSA). Among those is CVE-2020-5135, a critical stack-based buffer…

thinksnews – Top story: Critical flaw in SonicWall’s firewalls patched, update quickly! (CVE-2020-5135) – Help Net Security… https://t.co/6w5qICjrb0
thinksnews – Twitter – Oct 16 2020 15:56
Top story: Critical flaw in SonicWall's firewalls patched, update quickly! (CVE-2020-5135) – Help Net Security https://www.helpnetsecurity.com/2020/10/16/cve-2020-5135/, see more http://tweetedtimes.com/thinksnews?s=tnp

Ongoing Campaigns
Google mitigated a 2.54 Tbps DDoS attack in 2017, the largest DDoS ever seen
Security Affairs – Oct 16 2020 21:50
The Google Cloud team revealed that in September 2017 it has mitigated DDoS…

Business Email Compromise Groups Springing up in New Locations
Cyware – Oct 16 2020 18:36
The Business Email Compromise (BEC) attacks are on the rise globally as new fraud gangs are emerging to trick firms into handing over money. Recently, a security company Agari has detected and analyzed new waves of BEC activities across the globe…

ZDNet – What is a DDoS attack? Everything you need to know about Distributed Denial-of-Service attacks and how to protect a… https://t.co/9gwJe4FxK1
ZDNet – Twitter – Oct 17 2020 01:15
What is a DDoS attack? Everything you need to know about Distributed Denial-of-Service attacks and how to protect against them…

ZDNet – What is a DDoS attack? Everything you need to know about Distributed Denial-of-Service attacks and how to protect a… https://t.co/w33kuYHRez
ZDNet – Twitter – Oct 16 2020 16:00
What is a DDoS attack? Everything you need to know about Distributed Denial-of-Service attacks and how to protect against them…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
