Silobreaker

Cyber Alert – 19 September 2020

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
APT39 9 17
AZORult Stealer 11 12
Ragnar Locker 7 14
Maze Ransomware 14 60
Deadly Ransomware 4 4
APT41 10 126
RansomExx 3 3
PanGu Team 2 2
NanoCore RAT 2 3
Rana Institute 2 6
Data Breaches
thegrugq – @vmyths Leaving Shitrix on their systems exposed and vulnerable even after they were warned. Terrible system mainte… https://t.co/NY6t27KKrO
thegrugq – Twitter, Sep 18 2020 14:46
@vmyths Leaving Shitrix on their systems exposed and vulnerable even after they were warned. Terrible system maintenance has done more to blah blah cyber normal
US charges Iranian hackers for breaching US satellite companies
ZDNet – Twitter, Sep 18 2020 07:15
US charges Iranian hackers for breaching US satellite companies…
ZDNet – US charges Iranian hackers for breaching US satellite companies https://t.co/jvT8jUbXbq
ZDNet – Twitter, Sep 18 2020 13:30
US charges Iranian hackers for breaching US satellite companies…
FireEye – Join our webinar next week as we discuss a real use case where a company’s supply chain was breached and show how s… https://t.co/wRfRhqGbnQ
FireEye – Twitter, Sep 18 2020 13:03
Join our webinar next week as we discuss a real use case where a company's supply chain was breached and show how security validation could have helped prevent it: https://feye.io/32bco7E https://twitter.com/FireEye/status/1306941804093333506/photo/1…
Hacker Groups
APT41, the China-based hacking operation spanning the world
Tech Xplore – RSS, Sep 18 2020 07:50
A global hacking collective known as APT41 has been accused by US authorities of targeting company servers for ransom, compromising government networks and spying on Hong Kong activists.
U.S. Imposes Sanctions on ‘APT39’ Iranian Hackers
Security Week, Sep 18 2020 13:06
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) on Thursday announced sanctions against Iran-based cyber threat actor APT39, associated individuals, and a front company named Rana Intelligence Computing Company. Active…
Malware
A real-life Maze ransomware attack – “If at first you don’t succeed…”
Naked Security – Sophos, Sep 18 2020 15:58
The crooks wanted $15,000,000. They didn't get it. Huzzah!
BleepinComputer – In his tests, he was able to download Cobalt Strike and we could download a WastedLocker ransomware sample without… https://t.co/63StMpFSiN
BleepinComputer – Twitter, Sep 18 2020 14:21
In his tests, he was able to download Cobalt Strike and we could download a WastedLocker ransomware sample without any problems. https://twitter.com/BleepinComputer/status/1306961648050155520/photo/1
virusbtn – Sophos researchers analyse a recent Maze ransomware infection in which the ransomware was delivered inside a Window… https://t.co/vAU3jCIZFi
virusbtn – Twitter, Sep 18 2020 16:16
Sophos researchers analyse a recent Maze ransomware infection in which the ransomware was delivered inside a Windows virtual machine, a technique previously used by Ragnar Locker…
“Maze” Ransomware Adopts the “Ragnar Locker” VM Wrapping Trick
TechNadu, Sep 18 2020 08:03
“Maze” is now using virtual machine files wrapped in Windows installers to deliver its payload. This method was first spotted on “Ragnar Locker”, but Maze has evolved it to become more capable. It is clear that VM is now becoming a widespread detection…
Vulnerabilities
Dinosn – Micropatch for Zerologon, the “perfect” Windows vulnerability (CVE-2020-1472) https://t.co/V8VUAVyuXi
Dinosn – Twitter, Sep 18 2020 06:08
Micropatch for Zerologon, the "perfect" Windows vulnerability (CVE-2020-1472) https://blog.0patch.com/2020/09/micropatch-for-zerologon-perfect.html
Security Flaws & Fixes – W/E – 9/18/20
Tech-Wreck InfoSec Blog, Sep 18 2020 19:45
Netlogon Vulnerability Can Give Attackers Domain Admin Privileges (09/15/2020) Security firm Secura is urging users of …
CVEnew – CVE-2020-14390 A flaw was found in the Linux kernel in versions from 2.2.3 through 5.9.rc5. When changing screen si… https://t.co/7THnBARDdB
CVEnew – Twitter, Sep 18 2020 18:45
CVE-2020-14390 A flaw was found in the Linux kernel in versions from 2.2.3 through 5.9.rc5. When changing screen size, an out-of-bounds memory write can occur leading to memory corruption or a denial of service. This highest threat from t……
IoT Devices Ship with Security Flaws Because Profit Drive the Market
Security Bloggers Network, Sep 18 2020 17:06
Ongoing Campaigns

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.

