Cyber Alert – 20 May 2020

Silobreaker’s Daily Cyber Alert is created and distributed automatically by using our award-winning intelligence product Silobreaker Online.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
WolfRAT 15 15
Magecart Group 10 15
Dendroid 6 6
Magecart Malware 6 6
LokiBot Trojan 19 74
Mailto Ransomware 7 13
PwndLocker 8 40
Mirai Trojan 5 8
Locky Ransomware 4 8
Winnti Group 5 9
Data Breaches
UK: Over 190 Law Firms Affected by Advanced Data Leak That Exposed Over 10,000 Legal Documents
Office of Inadequate Security, May 19 2020 12:17
Alicia Hope: A leading UK software company exposed personal information belonging to over 190 law firms through an unsecured…
cybersecboardrm – RT @AudreyDesisto: Over 190 Law Firms Affected by Advanced Data Leak That Exposed Over 10,000 Legal Documents via @cpomagazine #CyberSec…
cybersecboardrm – Twitter, May 19 2020 13:31
RT @AudreyDesisto: Over 190 Law Firms Affected by Advanced Data Leak That Exposed Over 10,000 Legal Documents via @cpomagazine #CyberSecurity #DataBreach #infosec #law #privacy #cyber…
129 Million Car Owners From Moscow Had Their Data Exposed Online
TechNadu, May 19 2020 12:03
Someone is selling an extensive collection of data belonging to Russian car owners on the dark web. The dump contains the full identification details and car technical and registration data of 129 million people. There has been news about other police…
EasyJet hack: 9 million customers hit and 2,000 credit cards exposed
ZDNet Security, May 19 2020 12:33
Over 2,000 customers' credit-card details have been accessed by "highly sophisticated" hackers.
Hacker Groups
‘Greenbug’ hacking group hits three telecom firms in Pakistan
Cyberscoop – News, May 19 2020 21:25
For the past several months, suspected Iranian hackers have been rooting around the IT systems of at least three telecommunications companies in Pakistan, accessing data servers when it suits them, according to cybersecurity company Symantec. …
kaspersky – A group calling themselves “Pentaguard” have been arrested after spreading the Locky ransomware to hospitals. Rea… https://t.co/r2lUfCe7B4
kaspersky – Twitter, May 19 2020 10:30
A group calling themselves "Pentaguard" have been arrested after spreading the Locky ransomware to hospitals.

Read the full story ⇒ https://kas.pr/am4s https://twitter.com/kaspersky/status/1262692023510892544/photo/1

GossiTheDog – And yes, a ton of airlines have been hit by Magecart style attacks (insert JavaScript to harvest logins and card de… https://t.co/mEjhX6HsTX
GossiTheDog – Twitter, May 19 2020 12:29
And yes, a ton of airlines have been hit by Magecart style attacks (insert JavaScript to harvest logins and card details from forms).. so it wouldn’t be the first. My blog from 2018:…
e_kaspersky – Romania’s law enforcement department arrests #ransomware gang “Pentaguard” for spreading Locky to hospitals ⇒… https://t.co/x59KLWGoU3
e_kaspersky – Twitter, May 19 2020 06:55
Romania’s law enforcement department arrests #ransomware gang "Pentaguard" for spreading Locky to hospitals ⇒ https://kas.pr/j5c9 via @threatpost https://twitter.com/e_kaspersky/status/1262637897506848768/photo/1
Malware
NetWalker adjusts ransomware operation to only target enterprise
BleepingComputer.com, May 19 2020 15:27
NetWalker ransomware group is moving away from phishing for malware distribution and has adopted a network-intrusion model focusing on huge businesses only. […]
Ransomware Gang Arrested For Spreading Locky To Hospitals
News ≈ Packet Storm, May 19 2020 14:31
2020-05-19 – Pcap and malware for an ISC diary (IcedID)
Malware-Traffic-Analysis.net – Blog Entries, May 19 2020 20:17
WolfRAT malware targets WhatsApp, Messenger
SC Magazine US, May 19 2020 19:44
A new malware called “WolfRAT” is targeting messaging apps, such as WhatsApp, Facebook Messenger and Line on Thai Android devices. WolfRAT, according to the Cisco Talos intelligence team, is based on a leak of the previously leaked DenDroid malware…
Vulnerabilities
CVEnew – CVE-2020-10722 A vulnerability was found in DPDK versions 18.05 and above. A missing check for an integer overflow… https://t.co/YGqpRA3MI1
CVEnew – Twitter, May 19 2020 18:45
CVE-2020-10722 A vulnerability was found in DPDK versions 18.05 and above. A missing check for an integer overflow in vhost_user_set_log_base() could result in a smaller memory map than requested, possibly allowing memory corruption….
Bluetooth flaw exposes countless devices to BIAS attacks
WeLiveSecurity RSS, May 19 2020 18:36
As many as 30 smartphones, laptops and other devices were tested – and all were found to be vulnerable
Bluetooth pairing flaw exposes devices to BIAS attacks
IT Pro UK, May 19 2020 11:04
Bluetooth-enabled devices including smartphones, laptops, tablets and Internet of Things (IoT) devices are vulnerable to attack due to fundamental flaws in the Bluetooth Basic Rate / Enhanced Data Rate (BR/EDR) configuration. The Bluetooth Special…
Learn How To Embrace Risk-Based Vulnerability Management
Tenable Blog, May 19 2020 18:56
Legacy vulnerability management tools can no longer keep up with the expanding attack surface. Now is the time to focus your remediation efforts on the vulnerabilities that pose the greatest risk to your business. There’s a growing…
Ongoing Campaigns
QakBot Trojan and ProLock Ransomware join up to attack
IT Security Guru, May 19 2020 11:05
ProLock is relatively new, but already the ransomware is making waves by using QakBot infections to access networks, gain persistence and avoid detection. A relatively new ransomware, ProLock, has paired up with the QakBot banking trojan to access…
Manufacturing Organizations Like Bluescope are the Next Targets for Cybercriminals
Cyware, May 19 2020 18:10
The frequency and sophistication of cyberattacks against the manufacturing industry have been rising. Recently, some notorious threat actors were found targeting manufacturing firms in Australia. Recent incidents in Australia In May 2020, a cyber…
Military-Grade Air-Gapped Networks Under Attack
Cyware, May 19 2020 19:24
Cybercriminals seem to be busy in carrying out espionage activities on high-value targets, that are using military-grade security. After Ramsay, within a week another malware strain has been observed that could penetrate air-gapped networks. In May…
Magecart malware merrily sipped card details, evaded security scans on UK e-tailer Páramo for almost 8 months
The Register, May 19 2020 10:05
More than 3,500 folks' payment info quietly stolen A card-skimming Magecart malware infection lingered on a British outdoor clothing retailer's website without detection for nearly eight months despite regular security scans. London-based Páramo told…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
