21 November 2020

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
Mount Locker Ransomware 10 21
Grelos Skimmer 8 20
QakBot 10 12
LulzSec 5 5
Phorpiex Malware 4 5
Egregor Ransomware 8 40
Magecart Group 6 23
Lazarus Group 6 27
Trickbot Malware 14 36
Zloader Malware 4 14
Data Breaches
Dinosn – https://t.co/rGPC02qeET exposed data of millions after database mess up https://t.co/XzbjFwKzjy
Dinosn – Twitter – Nov 21 2020 04:48
http://Pray.com exposed data of millions after database mess up https://www.hackread.com/pray-com-exposed-after-database-mess-up/

Pray.com exposed data of millions after database mess up
HackRead – Nov 20 2020 14:52
Pray.com applied poor security potentially exposing nearly 10 million users to frauds and cyberattacks, claim VpnMentor’s researchers. VpnMentor research team led by Noam Rotem and Ran Locar discovered four misconfigured Amazon Web Service (AWS) S3…

cybersecboardrm – https://t.co/dRgxgqzuHM exposed data of millions after database mess up #Cybersecurity #security #ui https://t.co/eV64VoUB7B
cybersecboardrm – Twitter – Nov 21 2020 06:36
http://Pray.com exposed data of millions after database mess up #Cybersecurity #security #ui https://www.hackread.com/pray-com-exposed-after-database-mess-up/

KL-001-2020-005 : Barco wePresent Admin Credentials Exposed In Plain-text
Seclists.org – Full Disclosure – Nov 20 2020 20:35
Posted by KoreLogic Disclosures via Fulldisclosure on Nov 20 KL-001-2020-005 : Barco wePresent Admin Credentials Exposed In Plain-text Title: Barco wePresent Admin Credentials Exposed In Plain-text Advisory ID: KL-001-2020-005 Publication Date:…

Hacker Groups
2020-11-20 – TA551 (Shathak) Word docs with Japanese template push IcedID
Malware-Traffic-Analysis.net – Blog Entries – Nov 20 2020 23:42

APT10: Active Again in Multiple Regions, With New Tricks
Cyware – Nov 20 2020 18:36
APT10 (also known as Red Apollo), a Chinese cyberespionage group, is active again and found to be abusing the Windows Zerologon vulnerability. They are now targeting Japanese companies and subsidiaries belonging to multiple industry sectors located…

Symantec Reports on Cicada APT Attacks against Japan
ITSecurity.Org – RSS – Nov 20 2020 12:05
Symantec Reports on Cicada APT Attacks against Japan Symantec is reporting on an APT group linked to China, named Cicada. They have been attacking organizations in Japan and elsewhere. Cicada has historically been known to target Japan-linked…

Magecart: What it is and what you can do about it
Digital Commerce 360 – Nov 20 2020 18:00
James Melton | Nov 20, 2020
2020 has been a big year of Magecart attacks on ecommerce websites. And with holidays looming, online criminals are likely to become even more active. In September, criminals using Magecart techniques attacked…

Malware
ZDNet – The malware that usually installs ransomware and you need to remove right away https://t.co/C4Aq2o82yY
ZDNet – Twitter – Nov 20 2020 11:00
The malware that usually installs ransomware and you need to remove right away…

ZDNet – The malware that usually installs ransomware and you need to remove right away https://t.co/AFeYj77XWU
ZDNet – Twitter – Nov 20 2020 15:15
The malware that usually installs ransomware and you need to remove right away…

ZDNet – The malware that usually installs ransomware and you need to remove right away https://t.co/s4Utq38GNm
ZDNet – Twitter – Nov 20 2020 19:30
The malware that usually installs ransomware and you need to remove right away…

ZDNet – The malware that usually installs ransomware and you need to remove right away https://t.co/58lPImuraF
ZDNet – Twitter – Nov 21 2020 04:00
The malware that usually installs ransomware and you need to remove right away…

Vulnerabilities
securityaffairs – #Drupal addressed CVE-2020-13671 Remote Code Execution flaw https://t.co/eFPtwjGf5z #securityaffairs #hacking
securityaffairs – Twitter – Nov 20 2020 08:35
#Drupal addressed CVE-2020-13671 Remote Code Execution flaw #securityaffairs #hacking

securityaffairs – 246869 Windows systems are still vulnerable to the BlueKeep flaw https://t.co/LFcnmGPYzL #securityaffairs #hacking
securityaffairs – Twitter – Nov 20 2020 23:21
246869 Windows systems are still vulnerable to the BlueKeep flaw #securityaffairs #hacking

VMware Fixes Critical Flaw in ESXi Hypervisor
Threatpost.com – Nov 20 2020 20:18
The critical and important-severity flaws were found by a team at the China-based Tianfu Cup hacking challenge.

DataBreachToday – Chinese hackers exploit Zerologon flaw for #cyberespionage campaign dubbed ‘Cicada,’ targeting Japanese companies… https://t.co/pyYuSxNW23
DataBreachToday – Twitter – Nov 20 2020 10:18
Chinese hackers exploit Zerologon flaw for #cyberespionage campaign dubbed 'Cicada,' targeting Japanese companies https://bit.ly/39dl4yv by @asokan_akshaya

Ongoing Campaigns
With Black Friday-Cyber Monday looming, Grelos skimmer tied to Magecart poses threat
SC Magazine US – Nov 20 2020 23:35
A new Grelos skimmer variant tied to Magecart Group could potentially lure online shoppers to fill out phony payment forms over the upcoming holidays. A unique cookie could allow attackers to connect to a recent variant of the Grelos skimmer then to…

2020 Black Friday/Cyber Monday – Likely Magecart Attack Increase Due To Plug-in Vulns – Experts Perspective
Information Security Buzz – Nov 20 2020 11:09
With Black Friday and Cyber Monday just a week away, an expert with Juniper Threat Labs offers insight into why Magecart attacks are likely to be on the increase for the 2020 holiday shopping season, and what hyper-connected enterprises can do to…

IT threat evolution Q3 2020
Kaspersky Lab – Nov 20 2020 10:00

Chaes Infostealer Chasing Brazilian Banking Users
Cyware – Nov 20 2020 18:36
Latin American banking users have got another new threat to worry about. An active campaign has been discovered targeting users of MercadoLivre – a large e-commerce platform in Latin America. The campaign has been observed to be using Chaes, a…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
