19 November 2020

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
APT10 15 23
TA505 10 14
Chaes Malware 9 11
FunnyDream 7 25
Carbanak 6 11
WebNavigator Browser 5 7
Egregor Ransomware 8 26
Ragnar Locker 8 34
IcedID Trojan 3 3
Hartip 2 2

Data Breaches

Secnewsbytes – Micropayments Firm ‘Coil’ Spectacularly Exposed User Email Addresses | TechNadu https://t.co/yK29vU65aK?
Secnewsbytes – Twitter – Nov 18 2020 08:49
Micropayments Firm ‘Coil’ Spectacularly Exposed User Email Addresses | TechNadu https://www.technadu.com/micropayments-firm-coil-spectacularly-exposed-user-email-addresses/225413/?

Bumble bugs could have exposed personal data of all users
WeLiveSecurity RSS – Nov 18 2020 17:43
The information at risk of theft due to API flaws included people’s pictures, locations, dating preferences and Facebook data

Cryptocurrency exchange Liquid suffers security breach, user data exposed
Graham Cluley – Nov 18 2020 21:46
Cryptocurrency exchange Liquid has revealed that it was hacked last week, after a malicious attacker managed to seize control of its DNS records, seized control of some internal email accounts, and gained access to the firm's document storage…

Over 80,000 ID Cards and Fingerprint Scans Exposed in Cloud Leak
MalwareTips.com – Nov 18 2020 11:08
A US-based used electronics retailer has exposed over 2.6 million files, including ID cards and biometric images, after a misconfigured AWS S3 bucket was discovered. Researchers at Website…

Hacker Groups

China-linked hacking gang ‘APT10’ named as probable actor behind extended attacks on Japanese companies
The Register – Nov 19 2020 04:13
Campaign even targeted branch offices inside China and sought secrets of automotive and engineering companies Broadcom’s security subsidiary Symantec has named a China-linked hacking gang known as “APT 10” and “Cicada” as the probable source of a…

Chinese APT10 hackers target Japanese orgs in global campaign
Bleeping Computer – Nov 18 2020 16:21
A Chinese state-sponsored hacking group has been observed while launching attacks against Japanese companies and their subsidiaries from multiple industry sectors in 17 regions around the globe. This global cyber-espionage campaign has been attributed…

virusbtn – Symantec reports that China-linked APT10 group (Cicada, Cloud Hopper) is behind attacks on Japanese firms, trying t… https://t.co/8oKXQe02pI
virusbtn – Twitter – Nov 18 2020 17:00
Symantec reports that China-linked APT10 group (Cicada, Cloud Hopper) is behind attacks on Japanese firms, trying to steal sensitive data https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/cicada-apt10-japan-espionage
APT10 and…

CyberScoopNews – Symantec implicates APT10 in sweeping hacking campaign against Japanese firms https://t.co/aflSvNFgv5 by @snlyngaas
CyberScoopNews – Twitter – Nov 18 2020 15:31
Symantec implicates APT10 in sweeping hacking campaign against Japanese firms https://hubs.ly/H0B5BCG0 by @snlyngaas

Malware

Gaming Company Confirms Ragnar Locker Ransomware Attack
CUInfoSecurity – Nov 18 2020 10:05
Capcom Says Over 350,000 Customer, Business Records Possibly Compromised Japanese computer game company Capcom acknowledged this week that a November security incident was a Ragnar Locker ransomware attack that resulted in about 350,000 customer and…

Gamarue – The hunt is on!
MalwareTips.com – Nov 18 2020 19:05
Hi, I've had an email from my ISP saying they have detected a device on my network which is infected with Gamarue. From what I have read online, this malware only affects Windows? I have scanned…

InfoSecHotSpot – DarkSide Ransomware Operators Plan to Open Distributed Storage System for Stolen Files The ransomware gang known as… https://t.co/1riHSuXRhA
InfoSecHotSpot – Twitter – Nov 18 2020 13:58
DarkSide Ransomware Operators Plan to Open Distributed Storage System for Stolen Files The ransomware gang known as DarkSide has announced plans to offer a distributed storage platform for affiliates. The plan is to make it harder for authorities to…

7 dumb ways to be a ransomware victim, and how to avoid the embarrassment
CSO Magazine – Nov 18 2020 11:00
Ransomware perpetrators count on Windows security admins to make these common mistakes. Here’s how to find and fix them.

Vulnerabilities

securityaffairs – 246869 Windows systems are still vulnerable to the BlueKeep flaw https://t.co/LFcnmGPYzL #securityaffairs #hacking
securityaffairs – Twitter – Nov 18 2020 20:45
246869 Windows systems are still vulnerable to the BlueKeep flaw #securityaffairs #hacking

InfoSecHotSpot – Cisco Webex ‘Ghost’ Flaw Opens Meetings to Snooping Cisco patched the Webex flaw, as well as three critical-severit… https://t.co/7HXYNJWU6y
InfoSecHotSpot – Twitter – Nov 19 2020 00:58
Cisco Webex ‘Ghost’ Flaw Opens Meetings to Snooping Cisco patched the Webex flaw, as well as three critical-severity vulnerabilities, in a slew of security updates on Wednesday. https://bit.ly/2HkpDeM…

Brace for DNS Spoofing: Cache Poisoning Flaws Discovered
BankInfoSecurity – Nov 18 2020 16:11
Fixes Arriving to Safeguard DNS Against Newly…

CVEnew – CVE-2020-27126 A vulnerability in an API of Cisco Webex Meetings could allow an unauthenticated, remote attacker to… https://t.co/YOC32eeo76
CVEnew – Twitter – Nov 18 2020 18:45
CVE-2020-27126 A vulnerability in an API of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. The vulnerability is due to improper validation of user-supplied input to an application…

Ongoing Campaigns

China-linked APT10 leverages ZeroLogon exploits in recent attacks
Security Affairs – Nov 18 2020 20:27
Researchers uncovered a large-scale campaign conducted by China-linked APT10 targeting businesses using the recently-disclosed ZeroLogon vulnerability. Symantec’s Threat Hunter Team, a Broadcom division, uncovered a global campaign conducted…

Massive, China-state-funded hack hits companies around the world, report says
ArsTechnica – Nov 19 2020 00:07
Researchers have uncovered a massive hacking campaign that’s using sophisticated tools and techniques to compromise the networks of companies around…

Lazarus is Back with Supply-Chain Attack
Cyware – Nov 18 2020 18:36
North Korea-linked Lazarus APT group, also known as Hidden Cobra, has a long history of targeting victims in South Korea. According to security experts from ESET, this time the group has conducted operations by using an unusual supply-chain…

Phishing campaign targets LATAM e-commerce users with Chaes Malware
Security Affairs – Nov 18 2020 15:59
Experts from Cybereason Nocturnus uncovered an active campaign that targets users of a large e-commerce platform in Latin America with Chaes malware. Cybereason Nocturnus security researchers have identified an active campaign focused on the…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
