Cyber Alert – 19 September 2020
|Hacker Groups
|APT41, the China-based hacking operation spanning the world
|Tech Xplore – RSS – Sep 18 2020 07:50
|A global hacking collective known as APT41 has been accused by US authorities of targeting company servers for ransom, compromising government networks and spying on Hong Kong activists.
|U.S. Imposes Sanctions on ‘APT39’ Iranian Hackers
|Security Week – Sep 18 2020 13:06
|The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) on Thursday announced sanctions against Iran-based cyber threat actor APT39, associated individuals, and a front company named Rana Intelligence Computing Company. Active…
|Malware
|A real-life Maze ransomware attack – “If at first you don’t succeed…”
|Naked Security – Sophos – Sep 18 2020 15:58
|The crooks wanted $15,000,000. They didn't get it. Huzzah!
|BleepinComputer – In his tests, he was able to download Cobalt Strike and we could download a WastedLocker ransomware sample without… https://t.co/63StMpFSiN
|BleepinComputer – Twitter – Sep 18 2020 14:21
|In his tests, he was able to download Cobalt Strike and we could download a WastedLocker ransomware sample without any problems. https://twitter.com/BleepinComputer/status/1306961648050155520/photo/1
|virusbtn – Sophos researchers analyse a recent Maze ransomware infection in which the ransomware was delivered inside a Window… https://t.co/vAU3jCIZFi
|virusbtn – Twitter – Sep 18 2020 16:16
|Sophos researchers analyse a recent Maze ransomware infection in which the ransomware was delivered inside a Windows virtual machine, a technique previously used by Ragnar Locker…
|“Maze” Ransomware Adopts the “Ragnar Locker” VM Wrapping Trick
|TechNadu – Sep 18 2020 08:03
|“Maze” is now using virtual machine files wrapped in Windows installers to deliver its payload. This method was first spotted on “Ragnar Locker”, but Maze has evolved it to become more capable. It is clear that VM is now becoming a widespread detection…
|Vulnerabilities
|Dinosn – Micropatch for Zerologon, the “perfect” Windows vulnerability (CVE-2020-1472) https://t.co/V8VUAVyuXi
|Dinosn – Twitter – Sep 18 2020 06:08
|Micropatch for Zerologon, the "perfect" Windows vulnerability (CVE-2020-1472) https://blog.0patch.com/2020/09/micropatch-for-zerologon-perfect.html
|Security Flaws & Fixes – W/E – 9/18/20
|Tech-Wreck InfoSec Blog – Sep 18 2020 19:45
|Netlogon Vulnerability Can Give Attackers Domain Admin Privileges (09/15/2020) Security firm Secura is urging users of …
|CVEnew – CVE-2020-14390 A flaw was found in the Linux kernel in versions from 2.2.3 through 5.9.rc5. When changing screen si… https://t.co/7THnBARDdB
|CVEnew – Twitter – Sep 18 2020 18:45
|CVE-2020-14390 A flaw was found in the Linux kernel in versions from 2.2.3 through 5.9.rc5. When changing screen size, an out-of-bounds memory write can occur leading to memory corruption or a denial of service. This highest threat from t…
|IoT Devices Ship with Security Flaws Because Profit Drive the Market
|Security Bloggers Network – Sep 18 2020 17:06
