Threat Reports

Cyber Alert – 19 May 2020

Silobreaker’s Daily Cyber Alert is created and distributed automatically by using our award-winning intelligence product Silobreaker Online.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
PwndLocker 25 38
QakBot 15 29
Sodinokibi Ransomware 18 74
LokiBot Trojan 14 56
GandCrab Ransomware 4 7
Winnti Group 4 4
PentaGuard 3 8
COMpfun RAT 4 38
Locky Ransomware 2 4
Watchbog Linux Trojan 2 5
Data Breaches
Mercedes-Benz source code exposed via misconfigured Git registration system
SiliconANGLE, May 19 2020 00:38
The source code belonging to smart car components designed by Mercedes-Benz has been found exposed online via a misconfigured Git registration system. Discovered by software engineer Till Kottmann and first reported by ZDNet, the source code was…
Edison Mail bug exposed users’ email accounts to complete strangers
HOTforSecurity, May 18 2020 12:03
Unemployment Aid Applicants in Illinois Had Their Personal Data Exposed
TechNadu, May 18 2020 09:18
A glitch in the IDES system that received unemployment claim submissions has resulted in data exposure. The information that leaked online is sensitive private data like names, IDs, SSNs, and bank account numbers. The State of Illinois confirmed the…
Edison Mail bug exposed iPhone users’ email accounts to complete strangers
Graham Cluley, May 18 2020 12:28
The makers of a popular iOS email app have warned their users that their accounts may have been compromised after a buggy software update made it possible to see strangers’ emails. Read more in my article on the Hot for Security blog.
Hacker Groups
APT-C-23 has Re-Emerged on the Front Scene with “Mygram” Hacks
TechNadu, May 18 2020 15:03
IDF soldiers and officers received fake messages that lured them into downloading “Mygram IM”. This software is essentially powerful spyware that can access all user data on a mobile device. The actors behind this were confirmed to be “APT-C-23”, who…
Malwarebytes – The Lazarus Group is reportedly targeting #Macs with stealthy #spyware. Via @tomsguide https://t.co/2Iq8Tp6JUh
Malwarebytes – Twitter, May 18 2020 21:12
The Lazarus Group is reportedly targeting #Macs with stealthy #spyware. Via @tomsguide https://bit.ly/2AH23Fh
securityaffairs – Chinese #APT Tropic Trooper target air-gapped military Networks in Asia… https://t.co/wgIz3vpiNx #securityaffairs #hacking
securityaffairs – Twitter, May 18 2020 07:56
securityaffairs – Chinese #APT Tropic Trooper target air-gapped military Networks in Asia https://t.co/wgIz3vpiNx #securityaffairs #hacking
securityaffairs – Twitter, May 18 2020 21:42
Malware
Ransomware Gang Arrested for Spreading Locky to Hospitals
Threatpost.com, May 18 2020 21:20
A group of four people calling themselves "Pentaguard" were arrested in house raids.
The ProLock ransomware doesn’t tell you one important thing about decrypting your files
Graham Cluley, May 18 2020 12:33
Have your computers been hit by the ProLock ransomware? You might want to read this before you pay any money to the criminals behind the attack.
REvil claims to have sold Trump-related material to unnamed buyer
Office of Inadequate Security, May 18 2020 19:17
The Sodinokibi/REvil ransomware team that attacked the entertainment law firm of Grubman Shire Meiselas & Sacks have…
REvil Ransomware found buyer for Trump data, now targeting Madonna
BleepingComputer.com, May 18 2020 23:51
REvil ransomware group claims to have buyers ready for documents containing damaging information about US President Donald Trump and is preparing to auction data on international celebrity Madonna. […]
Vulnerabilities
jQuery 3.5.0 XSS – CVE-2020-11022/CVE-2020-11023
Reddit – Netsec, May 18 2020 08:47
submitted by /u/albinowax
CVE-2020-1088 — Yet another arbitrary delete EoP
Reddit – Netsec, May 18 2020 14:38
submitted by /u/DaloonSpringRolls
This Service Helps Malware Authors Fix Flaws in their Code
Krebs on Security, May 18 2020 15:31
Almost daily now there is news about flaws in commercial software that lead to computers getting hacked and seeded with malware. But the reality is most malicious software also has its share of security holes that open the door for security…
Ongoing Campaigns
Vishing explained: How voice phishing attacks scam victims
CSO Online News, May 18 2020 14:40
What is vishing? Vishing is a form of attack that attempts to trick victims into giving up sensitive personal information over the phone. While that makes it sound like an old-fashioned scam, vishing attacks have high-tech elements: they involve…
FBI warns US organizations of ProLock ransomware decryptor not working
Security Affairs, May 18 2020 10:42
The FBI issued a flash alert to warn organizations in the United States that the ProLock ransomware decryptor doesn’t work properly. Early this month, the FBI issued a flash alert to warn organizations of the new threat actor targeting…
D00RT_RM – RT @threatpost: A new threat group, RATicate, has been targeting industrial firms in #malspam attacks spreading various payloads – from Lok…
D00RT_RM – Twitter, May 18 2020 11:25
RT @threatpost: A new threat group, RATicate, has been targeting industrial firms in #malspam attacks spreading various payloads – from LokiBot to Agent Tesla.
https://threatpost.com/raticate-group-industrial-firms-revolving-payloads/155775/
Latest Cyber Threats Looming Over IoT Devices
Cyware, May 19 2020 04:10
Kaiji, a new strain of malware that is created from scratch using the Golang programming language, has been infecting Linux-based servers and Internet of Things (IoT) devices to launch distributed denial-of-service (DDoS) attacks. IoT devices targeted…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
