Silobreaker


Cyber Alert – 19 June 2020

Silobreaker’s Daily Cyber Alert is created and distributed automatically by using our award-winning intelligence product Silobreaker Online.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
InvisiMole 46 46
Gamaredon Group 13 28
ACIDBOX 10 23
Bundlore 5 5
GraceWire Malware 5 9
Maze Ransomware 15 48
IcedID Trojan 5 16
Lazarus Group 4 17
APT29 3 9
Cobalt Group 2 2
Data Breaches
EduardKovacs – An analysis of the “Official Trump 2020” application revealed that keys to various parts of the app were being expo… https://t.co/4VWbLJzAxs
EduardKovacs – Twitter | Jun 18 2020 07:14
An analysis of the “Official Trump 2020” application revealed that keys to various parts of the app were being exposed to attacks. https://www.securityweek.com/trumps-2020-reelection-app-exposed-secrets-keys
iblametom – Baby exposed to tear gas during BLM protest was foaming at the mouth, according to lawsuit filed by INDY BLM in Ind… https://t.co/sVABOqD9sC
iblametom – Twitter | Jun 18 2020 12:20
Baby exposed to tear gas during BLM protest was foaming at the mouth, according to lawsuit filed by INDY BLM in Indianapolis… https://twitter.com/iblametom/status/1273591477520777218/photo/1
Maze Ransomware Gang Continues Data-Leaking Spree
CUInfoSecurity | Jun 18 2020 19:05
Latest Named Victims Include Engineering Firm, Furniture Manufacturer, Pet Spa. The Maze ransomware gang is continuing to exfiltrate data from victims before crypto-locking their systems, then leaking the data to try to force non-payers to accede to…
iblametom – RT @guyverhofstadt: Russian disinformation operation against citizens in EU, UK & US exposed. “The intent appears to have been to stir up r…
iblametom – Twitter | Jun 18 2020 09:36
RT @guyverhofstadt: Russian disinformation operation against citizens in EU, UK & US exposed. “The intent appears to have been to stir up racial & religious conflict in the target countries”.

Putin plays with us at his will. Why do the…
Hacker Groups
Anonymous tweets ‘DDoS’; everyone freaks out
TechBeacon – RSS | Jun 18 2020 11:21
Monday’s scare of a “major” denial-of-service attack turns out to have been just a BGP misconfiguration. Or some other fat-fingered change.
ProjectSauron: top level cyber-espionage platform covertly extracts encrypted government comms
CERT-EU Vulnerabilities Applications | Jun 18 2020 12:49
What differentiates a truly advanced threat actor from a wannabe APT? Here are a few features that characterize the ‘top’ cyberespionage groups: The use of zero day exploits; Unknown, never identified infection vectors; Have compromised multiple…
Malware
Revisiting Ryuk: The Very Busy Ransomware Family
Cyware | Jun 18 2020 13:01
The world, right now, has a lot on its hand to deal with and ransomware operators aren’t making it any easier. Take the case of Ryuk ransomware; it has dominated the ransomware landscape for the fourth consecutive quarter. The big picture: Ryuk has…
Clipper Malware Operators Now Use Cloned Sites to Lure Victims
Cyware | Jun 18 2020 19:01
Clipper malware are known for replacing the user’s cryptocurrency wallet address (a long and random string) with that of the hacker’s own wallet address, which is already difficult to keep a track due to its typical format. Recently, hackers were…
InfoSecHotSpot – AcidBox Malware Uncovered Using Repurposed VirtualBox Exploit A “very rare” malware has been used by an unknown thr… https://t.co/8s4bK6gk8C
InfoSecHotSpot – Twitter | Jun 18 2020 11:58
AcidBox Malware Uncovered Using Repurposed VirtualBox Exploit. A “very rare” malware has been used by an unknown threat actor in cyberattacks against two different Russian organizations in 2017. https://bit.ly/2N5dz0a…
InvisiMole malware delivered by Gamaredon hacker group
BleepingComputer.com | Jun 18 2020 09:30
Security researchers have demystified the attack chain of the elusive InvisiMole cyberespionage group, revealing a complicated multi-stage format that relies on vulnerable legitimate tools, target-specific encryption of payloads, and stealthy…
Vulnerabilities
NA – CVE-2020-3244 – A vulnerability in the Enhanced Charging…
CERT-EU Vulnerabilities Applications | Jun 18 2020 08:26
A vulnerability in the Enhanced Charging Service (ECS) functionality of Cisco ASR 5000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass the traffic classification rules on an affected device. The…
EduardKovacs – Drupal patches several vulnerabilities, including PHP code execution and cross-site request forgery (CSRF) flaws. https://t.co/juveGIuvKL
EduardKovacs – Twitter | Jun 18 2020 12:47
Drupal patches several vulnerabilities, including PHP code execution and cross-site request forgery (CSRF) flaws. https://www.securityweek.com/drupal-patches-code-execution-flaw-most-likely-impact-windows-servers
NA – CVE-2020-3336 – A vulnerability in the software upgrade process…
CERT-EU Vulnerabilities Applications | Jun 18 2020 08:26
A vulnerability in the software upgrade process of Cisco TelePresence Collaboration Endpoint Software and Cisco RoomOS Software could allow an authenticated, remote attacker to modify the filesystem to cause a denial of service (DoS) or gain…
NA – CVE-2020-3263 – A vulnerability in Cisco Webex Meetings Desktop…
CERT-EU Vulnerabilities Applications | Jun 18 2020 08:26
A vulnerability in Cisco Webex Meetings Desktop App could allow an unauthenticated, remote attacker to execute programs on an affected end-user system. The vulnerability is due to improper validation of input that is supplied to application URLs. The…
Ongoing Campaigns
InvisiMole group targets military sector and diplomatic missions in Eastern Europe
Security Affairs | Jun 18 2020 20:13
Researchers uncovered a recent campaign carried out by the InvisiMole group that has been targeting a small number of high-profile organizations. Security researchers at ESET recently uncovered a campaign carried out by the …
Ginp Malware Operations are on the Rise, Aiming to Expand in Turkey
Security Intelligence | Jun 18 2020 11:00
The Ginp mobile banking malware, which emerged in late 2019, is one of the top most prevalent Android banking malware families today. It started as a simple short message server (SMS) stealer and rapidly evolved into one of the most advanced…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
