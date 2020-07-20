Cyber Alert – 20 July 2020
|Heat – Trending Malware and Threat Actors
|Name
|Heat 1
|Heat 7
|Vol 1
|Vol 7
|Ghost Squad Hackers
|2
|5
|EMOTET Trojan
|8
|105
|BazarBackdoor
|2
|10
|Nefilim Ransomware
|3
|17
|Turla Spyware
|1
|1
|Powerview
|1
|1
|njRAT Malware
|1
|1
|BlackRock Malware
|2
|28
|TA542
|1
|3
|Shiny Hunters
|1
|4
|Hacker Groups
|Ghost Squad Hackers defaced a second European Space Agency (ESA) site in a week
A group of hacktivists that goes online with the name Ghost Squad Hackers has defaced for the second time in a week a site of the European…
|NCSC – Detection and mitigation advice for organisations involved in coronavirus vaccine development targeted with custom… https://t.co/Vee5FXRfls
Detection and mitigation advice for organisations involved in coronavirus vaccine development targeted with custom malware by APT29
|jorgeorchilles – @EdgarR0jas Cozy Bear
@EdgarR0jas Cozy Bear
|anon_indonesia – The Anonymous Indonesia News Daily is out! https://t.co/OEI79SVSka Stories via @sureshdr #jakpost
The Anonymous Indonesia News Daily is out!
|Malware
|ZDNet – Bazar backdoor linked to Trickbot banking Trojan campaigns https://t.co/wtTcXxsy5X
Bazar backdoor linked to Trickbot banking Trojan campaigns
|Data stolen in ransomware attack on French telco Orange
|SiliconANGLE – Jul 20 2020 02:58
|French telecommunications company Orange S.A. has been targeted by a ransomware attack with data stolen. First reported by Bleeping Computer, the ransomware attack targeted Orange’s Business Services division that offers enterprise solutions…
|Emotet botnet returns with new Microsoft Office phishing campaign
|SiliconANGLE – Jul 20 2020 02:52
|The infamous botnet Emotet is back after a five-month break with a new Microsoft Office phishing campaign. The return of Emotet was first spotted by Malwarebytes Labs July 13 and the campaign took off by July 17. Emotet first emerged in 2014, and…
|Vulnerabilities
|HoneyPoC: Data Analytics from the FakePoC of CVE-2020-1350
|Reddit – Netsec – Jul 20 2020 00:08
|cybersecboardrm – Major Flaws Open the Edge to Attack #Cybersecurity #digital #infosec https://t.co/sRnyKSvnFP
Major Flaws Open the Edge to Attack
|Dinosn – Micropatch Available for “SIGRed”, the Wormable Remote Code Execution in Windows DNS Server (CVE-2020-1350) https://t.co/59kGeqvqc6
Micropatch Available for "SIGRed", the Wormable Remote Code Execution in Windows DNS Server (CVE-2020-1350)
|Firewall defense from LibSSH Authentication Bypass AKA CVE-2018–10993
|CERT-EU VulnerabilitiesApplications – Jul 19 2020 17:21
|In this story, I share with you the research and defense solution against the LibSSH authentication bypass vulnerability, on the year of discovery, as I’ve developed during an Information Security workshop at Tel-Aviv University. The solution enables…
|Ongoing Campaigns
|Diebold Nixdorf warns of a wave of ATM black box attacks across Europe
|Security Affairs – Jul 19 2020 09:27
|ATM maker Diebold Nixdorf is warning banks a new ATM black box attack technique that was recently employed in cyber thefts in Europe. Black box attacks…
|Overconfident about their security, businesses are falling victims to bot attacks
|Help Net Security – News – Jul 20 2020 03:00
|Many businesses are at risk from bot attacks, despite an awareness of the problem and a widely held belief that they have the problem under control, Netacea reveals. Global businesses at risk from bot attacks The research surveyed businesses…
