17 September 2020

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
TheDarkOverlord 19 19
CraftyCockney 5 5
Dridex Malware 6 12
EMOTET Trojan 17 61
KBOT Virus 2 2
Cridex Trojan 2 2
404 Keylogger 2 3
Trickbot Malware 6 41
WastedLocker 2 5
RansomExx Ransomware 2 7
Data Breaches
Data Leak: Unsecured Server Exposed 6.5TB Bing Mobile App Data
Reddit – Netsec – Sep 21 2020 18:25
submitted by /u/FlameOfIgnis

Secnewsbytes – Data Leak: Unsecured Server Exposed Bing Mobile App Data https://t.co/5NdEpjES7u
Secnewsbytes – Twitter – Sep 22 2020 07:46
Data Leak: Unsecured Server Exposed Bing Mobile App Data https://www.wizcase.com/blog/bing-leak-research/

Email bungle exposed University of Tasmania students’ personal information
IT Security Guru – Sep 21 2020 11:05
The University of Tasmania has released an official apology after an email bungle released around 20,000 students’ personal details to the university’s entire faculty. The information was made public from Microsoft Office365’s SharePoint platform,…

Legal misinterpretation to blame for delay in reporting Kentucky unemployment breach
DataBreaches.net – Sep 21 2020 13:36
Matthew Glowicki reports: An inspector general report has found there were “unacceptable” delays in reporting an April security breach of Kentucky’s unemployment system but that residents’ personal information doesn’t…
Hacker Groups
Member of thedarkoverlord sentenced to 60 months and $1.4 million in restitution
Office of Inadequate Security – Sep 21 2020 21:08
The first — and so far, only — person to have been arrested and charged as a member of…

British ‘Dark Overlord’ hacker jailed for five years in US
Sky News Latest – Sep 22 2020 04:09
A British man who helped steal information from several companies as a key member of The Dark Overlord hacking group has been jailed for five years in the US.

Grayfly and Blackfly Cyberespionage Activity
IBM X-Force Exchange – Advisory Tag – RSS – Sep 21 2020 18:53
Summary: Stemming from the recent indictments of Chinese cyber criminals by the US, Symantec reports on activity tied to Blackfly and Grayfly (collectively known as APT41). Threat Type: Malware, Backdoor, APT. Overview: Symantec has published a report on…

Dark Overlord Hacker Sentenced To 5 Years In Prison
SecurityPhresh – Sep 22 2020 08:15
A United Kingdom national who was a member of The Dark Overlord hacking group was sentenced to five years in federal prison, the United States Department of Justice announced this week.
Malware
WastedLocker explained: How this targeted ransomware extorts millions from victims
CSO Online News – Sep 22 2020 10:00
WastedLocker definition: WastedLocker is a ransomware program that started hitting businesses and other organizations in May 2020 and is known for its high ransom demands reaching millions of dollars per victim. It is the creation of a group of…

Qbot Strikes Big, Secures Position Among Top Malware Threats
Cyware – Sep 21 2020 18:36
Qbot malware has been on the prowl since 2008 and is being continually upgraded with new features. It now uses sophisticated techniques for stealing credentials and installing ransomware payloads. With a myriad of weapons in its repository, it is the…

Ransomware is evolving, but the key to preventing attacks remains the same
ZDNet Security – Sep 21 2020 14:58
Ransomware attacks continue to adapt and evolve. That doesn't mean they can't be stopped, or that paying up is the only option.

virusbtn – IPG Photonics, a US laser developer, hit with RansomExx ransomware https://t.co/1Zeye713LP https://t.co/yTS4kiH4dE
virusbtn – Twitter – Sep 21 2020 11:44
IPG Photonics, a US laser developer, hit with RansomExx ransomware https://www.bleepingcomputer.com/news/security/leading-us-laser-developer-ipg-photonics-hit-with-ransomware/ https://twitter.com/virusbtn/status/1308009084172599299/photo/1
Vulnerabilities
CISA Pushes Gov’t Agencies to Patch ‘Zerologon’ Flaw
Bank Info Security – Sep 22 2020 06:55
Federal Agencies Need to Report Compliance by Wednesday. U.S. government agencies are supposed to have patched the "Zerologon" vulnerability by now, about six weeks after Microsoft issued a patch. CISA warns that too many systems remain unpatched.

thinksnews – CISA Pushes Gov’t Agencies to Patch ‘Zerologon’ Flaw https://t.co/U2lotNrGXj #infosec #databreach #breach https://t.co/qPJN9JkQPI
thinksnews – Twitter – Sep 22 2020 07:15
CISA Pushes Gov't Agencies to Patch 'Zerologon' Flaw https://www.databreachtoday.com/cisa-pushes-govt-agencies-to-patch-zerologon-flaw-a-15032 #infosec #databreach #breach https://twitter.com/thinksnews/status/1308303855495663616/photo/1

GossiTheDog – This is a really good and balanced piece on Zerologon, hitting on a detail I think many people have missed – there’s… https://t.co/aTNDUZ9iKp
GossiTheDog – Twitter – Sep 22 2020 02:47
This is a really good and balanced piece on Zerologon, hitting on a detail I think many people have missed – there’s a lot of directly internet accessible domain controllers….

Metacurity – STOP AND PATCH ASAP: Zerologon Flaw Poses Unacceptable Risk CISA Says by @Metacurity https://t.co/hE4KzzT0zs
Metacurity – Twitter – Sep 21 2020 22:00
STOP AND PATCH ASAP: Zerologon Flaw Poses Unacceptable Risk CISA Says by @Metacurity https://metacurity.substack.com/p/stop-and-patch-asap-zerologon-flaw?r=12sjv&utm_campaign=post&utm_medium=web&utm_source=twitter
Ongoing Campaigns
Cyber News Rundown: Magecart Massive Attack
Webroot Threat Blog – Sep 21 2020 14:55
Magecart Launches Largest E-commerce Attack to Date: Roughly 2000 e-commerce sites were compromised in the latest Magecart campaign targeting an out-of-date version of Magento software. It’s believed an additional 95,000 sites…

9 top anti-phishing tools and services
CSO Magazine – Sep 22 2020 10:12
Phishing ranks low on the list of cyberattacks in terms of technological sophistication. Even more sophisticated phishing variants like spear phishing (focused and often personalized phishing attacks) and whaling (phishing attacks focused on…

Education Sector: A Lucrative Target for Cyberattackers
Cyware – Sep 21 2020 18:36
Cyber disruptions across the education sector have become more common than ever. Over the past two months, the sector has been dealing with a barrage of vulnerability exploits, malware, DDoS, and phishing attacks. Recent incidents: Fairfax County…

Value and Limitations of Vendor Telemetry and Reported Incidents
Security Week – Sep 21 2020 15:32
Threat statistics come from a variety of sources: reported incidents, vendor telemetry, internet traffic and dark web analysis. All have value, and all have limitations. Reported incidents form the basis of Verizon's Data Breach Investigations Report…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
