Threat Reports

Cyber Alert – 21 September 2020

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
Ragnar Locker 5 23
RansomExx 2 5
Cerberus Malware 3 26
Shamoon Virus 1 1
Ransom X 1 1
CYBORG Ransomware 1 1
Mozi Malware 1 6
Crypt32 Ransomware 1 8
APT34 1 3
Mirai Trojan 1 5
Data Breaches
Misconfigured UTAS SharePoint Site Exposed 20,000 Students Details
SecurityPhresh – Sep 21 2020 03:54
Security settings allowed broad access to files.
US charges Iranian hackers for breaching US satellite companies
ZDNet – US charges Iranian hackers for breaching US satellite companies https://t.co/MtXmQJqQc2
ZDNet – US charges Iranian hackers for breaching US satellite companies https://t.co/LX72iXgPso
Hacker Groups
secure_sean – RT @peterkruse: Iranian APT group Silent Librarian (aka Cobalt Dickens) just launched new attacks against universities in the US. New targe…
secure_sean – Twitter – Sep 20 2020 17:05
RT @peterkruse: Iranian APT group Silent Librarian (aka Cobalt Dickens) just launched new attacks against universities in the US. New targets are; University of Adelaide and Columbia University,

Several new domains on TLD: .me put in place….
anon_indonesia – The Anonymous Indonesia News Daily is out! https://t.co/KjgffylAMP
anon_indonesia – Twitter – Sep 21 2020 03:14
The Anonymous Indonesia News Daily is out! https://paper.li/anon_indonesia/1435572762?edition_id=9b7f0ad0-fbb8-11ea-a0b4-002590a5ba2d
US charges five hackers from Chinese state-sponsored group APT41
Australian Cyber Security Centre – Advisory 2020-008: Copy-Paste Compromises – tactics, techniques and procedures used to target multiple Australian networks
Tout sur la cybersociété, la cybersécurité, la cybercriminalité, la cyberdéfense, … – Sep 20 2020 19:34
Australian Cyber Security Centre – Advisory 2020-008: Copy-Paste Compromises – tactics, techniques and procedures used to target multiple Australian networks. Version: W3, Last Updated: 15 September 2020 – 60 pages …
Malware
Maze Actors Copy Ragnar Locker’s Virtual Machine Trick
Cyware – Sep 20 2020 18:36
Maze ransomware operators are known for their innovative tactics and approaches, such as the launch of a dedicated Maze news site and the creation of a cartel of ransomware operations to share resources and infrastructure with other cybercriminals….
The ransomware crisis is getting worse. We need to make these four big changes
ZDNet Security – Sep 20 2020 22:00
Tough decisions are needed to stop the ransomware problem. But that will mean some big and difficult changes.
Cerberus banking Trojan source code released for free to cyberattackers
Ransomware: This essential step could help you make it through an attack
Vulnerabilities
US govt orders federal agencies to patch dangerous Zerologon bug by Monday
ZDNet Security – Sep 20 2020 17:02
DHS CISA tells government agencies to patch Zerologon bug by Monday, citing "unacceptable risk" posed to federal networks.
Shpantzer – RT @_dirkjan: There seems to be quite some questions and confusion about the impact of exploiting Zerologon (CVE-2020-1472) on the environm…
Shpantzer – Twitter – Sep 21 2020 02:34
RT @_dirkjan: There seems to be quite some questions and confusion about the impact of exploiting Zerologon (CVE-2020-1472) on the environment. So here's a thread 👇
ATO declines to fix code replay flaw within myGovID
ZDNet Security – Sep 21 2020 01:36
Security researchers advise users to not use the system until it is patched, and given the taxation office's response, that could be a long time coming.
Ongoing Campaigns

