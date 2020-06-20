Cyber Alert – 20 June 2020
|Heat – Trending Malware and Threat Actors
|Name
|Heat 1
|Heat 7
|Vol 1
|Vol 7
|InvisiMole Group
|8
|33
|ACIDBOX
|6
|29
|Turla Spyware
|4
|5
|IcedID Trojan
|5
|16
|Bundlore
|3
|8
|Stuxnet
|3
|11
|Mailto Ransomware
|6
|7
|Turla APT Group
|4
|12
|Neverquest Trojan
|2
|2
|APT30
|2
|2
|Hacker Groups
|Exposing Ashiyane Digital Security Team – An OSINT Analysis
|Dancho Danchev’s Blog – Mind Streams of Information Security Knowledge – Jun 19 2020 14:08
|Dear blog readers, I wanted to let you know that I've decided to publish a set of high-profile and personally identifiable personal photos of all the leading and currently active Iran-based hacking and Web site defacement groups with the idea to…
|Malware
|Mysterious ‘AcidBox’ Malware Used Turla Exploit to Target Russian Organizations
|SecurityWeek RSS Feed – Jun 19 2020 11:18
|Targeted attacks delivering a new piece of malware leveraged an exploit previously associated with the Russian-linked Turla hacking group, Palo Alto Networks reveals. …
|Ransomware explained: How it works and how to remove it
|CERT-EU VulnerabilitiesApplications – Jun 19 2020 10:06
|Ransomware definition. Ransomware is a form of malware that encrypts a victim's files. The attacker then demands a ransom from the victim to restore access to the data upon payment. Users are shown instructions for how to pay a fee to get the…
|Vulnerabilities
|NA – CVE-2020-13276 – User is allowed to set an email as a…
|CERT-EU VulnerabilitiesApplications – Jun 20 2020 03:50
|This vulnerability is currently undergoing analysis and not all information is available. Please check back soon to view the completed vulnerability summary User is allowed to set an email as a notification email even without verifying the new email…
|NA – CVE-2020-14930 – An issue was discovered in BT CTROMS Terminal…
|CERT-EU VulnerabilitiesApplications – Jun 20 2020 03:50
|An issue was discovered in BT CTROMS Terminal OS Port Portal CT-464. Account takeover can occur because the password-reset feature discloses the verification token. Upon a getverificationcode.jsp request, this token is transmitted not only to the…
|Security Flaws & Fixes – W/E – 6/19/20
|Tech-Wreck InfoSec Blog – Jun 19 2020 12:33
|Adobe Issues Security Bulletins for 18 Bugs (06/16/2020) Adobe has published security bulletins for a number of its products….
|NA – CVE-2020-13275 – A user with an unverified email address could…
|CERT-EU VulnerabilitiesApplications – Jun 20 2020 03:50
|This vulnerability is currently undergoing analysis and not all information is available. Please check back soon to view the completed vulnerability summary A user with an unverified email address could request an access to domain restricted groups in…
|Ongoing Campaigns
|AcidBox, a malware that borrows Turla APT exploit, hit Russian organizations
|Security Affairs – Jun 19 2020 13:50
|New AcidBox Malware employed in targeted attacks leverages an exploit previously associated with the Russian-linked Turla APT group. Palo Alto Networks researchers analyzed a new malware, dubbed AcidBox, that was employed in targeted attacks and…
|NetWalker claims credit for attack on Crozer-Keystone Health System
|SC Magazine US – Jun 20 2020 02:44
|The NetWalker ransomware group claimed to be behind an attack on Philadelphia area Crozer-Keystone Health System, prompting the health care provider to take systems offline. The hackers are threatening to begin releasing information nicked in the…
