20 November 2020

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
Magecart Group 12 22
APT10 11 38
Grelos Skimmer 7 12
Carbanak 6 17
TA505 6 20
Clop Ransomware 5 8
Mount Locker Ransomware 5 11
Olympic Destroyer 4 8
Sodinokibi Ransomware 11 20
Egregor Ransomware 7 32
Data Breaches
Go SMS Pro Messaging App Exposed Users’ Private Media Files
Dark Reading – Nov 19 2020 21:05
The popular Android app uses easily guessable Web addresses when users send private photos, videos, and voice messages.

Securityblog – Twitter – Nov 19 2020 20:18
RT @TrendMicroRSRCH: We recently observed an interesting payload deployment using the #Metasploit Framework (MSF) against exposed Docker #A…

DarkReading – Twitter – Nov 19 2020 21:29
Go SMS Pro Messaging App Exposed Users' Private Media Files http://ow.ly/S9SN50CpBla #mobileapp #mobilesecurity #Android #vulnerability

RonDeibert – Twitter – Nov 19 2020 14:36
A stunning (and yet somehow not surprising) insecure app design that fully exposed user's private data; no transparent bug reporting process; 100+ million installations…
https://t.co/wHBcL6jnc8
Hacker Groups
APT10 hacking group targets industrial businesses once again
TechRadar.com – Nov 19 2020 14:42
Large-scale campaign by APT10 hacking group targets Japanese organisations. A persistent, large-scale campaign of cyberattacks has been identified targeting organizations with connections to Japan. Symantec researchers have uncovered the campaign, which…

cyb3rops – Twitter – Nov 19 2020 08:06
RT @campuscodi: Symantec report's on APT10's latest attacks on Japanese targets (Cicada=APT10 in their report)

Can anyone confirm this is the APT behind the NTT, Mitsubishi Electric, and all the Japanese tech giants last…

deresz666 – Twitter – Nov 19 2020 08:17
RT @campuscodi: Symantec report's on APT10's latest attacks on Japanese targets (Cicada=APT10 in their report)

Can anyone confirm this is the APT behind the NTT, Mitsubishi Electric, and all the Japanese tech giants last…

Malware
The malware that usually installs ransomware and you need to remove right away
ZDNet Security – Nov 20 2020 05:45
If you see any of these malware strains on your enterprise networks, stop everything you're doing and audit all systems.

ZDNet – Twitter – Nov 20 2020 06:45
The malware that usually installs ransomware and you need to remove right away https://t.co/3BIzO3cN22

Evolution of Emotet: From Banking Trojan to Malware Distributor
THN : The Hacker News – Nov 19 2020 11:17
Emotet is one of the most dangerous and widespread malware threats active today. Ever since its discovery in 2014—when Emotet was a standard credential stealer and banking Trojan, the malware has evolved into a modular, polymorphic platform for…

Egregor ransomware attack hijacks printers to spit out ransom notes
Graham Cluley – Nov 19 2020 13:52
When the Egregor ransomware infected computers at a South American retail giant, it sent a clear message to its victim – via its attached printers! Read more in my article on the Tripwire State of Security blog.
Vulnerabilities
Chinese Hackers Exploit Zerologon Flaw for Cyberespionage
BankInfoSecurity – Nov 19 2020 21:10
Researchers: 'Cicada' Campaign Targeting…

Drupal addressed CVE-2020-13671 Remote Code Execution flaw
Security Affairs – Nov 19 2020 17:36
Drupal development team has released security updates to address a remote code execution flaw, tracked as CVE-2020-13671. The Drupal development team has released security updates to fix a remote code execution vulnerability related caused by the…

InfoSecHotSpot – Twitter – Nov 19 2020 15:58
Cisco Webex flaw leaves meetings open to snooping A vulnerability has been discovered in Cisco’s Webex conferencing application which allows meeting attendees to act as ‘ghosts’. The flaw (CVE-2020-3419) allows any member of the meeting to spy on…
https://t.co/yvNmJbHMQF

securityaffairs – Twitter – Nov 19 2020 17:39
#Drupal addressed CVE-2020-13671 Remote Code Execution flaw
https://t.co/eFPtwjGf5z
#securityaffairs #hacking

Ongoing Campaigns
Who’s Calling? How to Avoid Being Hooked by Vishing – the New Old-School Phone Scam
Check Point – Nov 19 2020 13:49
FBI and CISA warn against surge in voice phishing campaigns targeting employees working remotely. Hackers profile and target employees using information from LinkedIn and other social media platforms to overcome suspicion and appear to be genuine. 81% of…

Mobile Phishing Attacks Now Focusing on Malware Delivery
Cyware – Nov 19 2020 18:36
Cybercriminals behind mobile phishing attacks have now changed their tactics while targeting pharmaceutical companies. Now, they are more focused on malware delivery instead of credential theft. Additionally, they are looking for critical research…

Threats without borders: Brazilian banking trojans go global
SC Magazine US – Nov 19 2020 17:47
People sleep waiting in line outside a Caixa Economica Federal bank to receive urgent government benefit amidst the COVID-19 struggles in Belo Horizonte, Brazil. Beyond the pandemic, banks combat the Brazil-based Guildma cybercriminal gang that…

Healthcare Orgs: What You Need to Know About TrickBot and Ryuk
Security Bloggers Network – Nov 19 2020 21:23
In late October, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) co-authored an …

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
