Threat Reports

Cyber Alert – 22 June 2020

Silobreaker’s Daily Cyber Alert is created and distributed automatically by using our award-winning intelligence product Silobreaker Online.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
NotPetya Ransomware 5 6
WannaCry Ransomware 5 15
Shlayer Trojan 3 10
Pegasus Malware 2 7
Truniger Hacker Group 1 1
Storm Cloud 1 1
ZeroCleare Wiper 1 1
Kraken Malware 1 1
Stanislav Vitaliyevich Lisov 1 2
Neverquest Trojan 1 3
Data Breaches
ForbesTech – 2,500 posts, 300 platforms, 6 years: A huge but mysterious pro-Russia disinformation campaign is exposed… https://t.co/glQKU2khQ0
ForbesTech – Twitter – Jun 21 2020 11:58
2,500 posts, 300 platforms, 6 years: A huge but mysterious pro-Russia disinformation campaign is exposed http://on.forbes.com/6018GzGYj by @iblametom
Ministry still tracing cause of Indonesia’s COVID-19 patient data leak
Office of Inadequate Security – Jun 21 2020 10:56
Antara News reports an update to a breach that first came to light when a data broker listed the data for sale on…
DissectMalware – XLM -> #VBScript
C08AFD90-F2A1-11D1-8455-00A0C91F3880 -> ShellBrowserWindow

more info: https://t.co/Sm6TjE7saz by… https://t.co/G1WVrgikQe

DissectMalware – Twitter – Jun 21 2020 21:55
XLM -> #VBScript
C08AFD90-F2A1-11D1-8455-00A0C91F3880 -> ShellBrowserWindow

more info: https://bohops.com/2018/03/17/abusing-exported-functions-and-exposed-dcom-interfaces-for-pass-thru-command-execution-and-lateral-movement/ by @bohops…

Secnewsbytes – Oracle’s BlueKai tracks you across the web. That data spilled online – TechCrunch https://t.co/GGA0aWrKeg
Secnewsbytes – Twitter – Jun 21 2020 09:29
Oracle’s BlueKai tracks you across the web. That data spilled online – TechCrunch https://techcrunch.com/2020/06/19/oracle-bluekai-web-tracking/
Hacker Groups
[German] Ke3chang (APT15) reporting..
Reddit – BlueTeamSec – RSS – Jun 21 2020 11:33
submitted by /u/digicat
Partners in Crime: InvisiMole and Gamaredon
Cyware – Jun 21 2020 21:49
InvisiMole is back with new tools and a new APT partnership. The group is known for targeting diplomatic missions, along with the military sector, in Eastern Europe. What is happening? InvisiMole operators have struck out a partnership with the…
The Return of Anonymous and the Future of Online Activism: An Interview with Dr. Gabriella Coleman
McGill International Review – Jun 21 2020 17:57
The Anonymous collective was an enigma of the 2010s, dominating both traditional media and the online sphere. The decentralized “hacktivist” collective was well known for its cyber-attacks on multiple institutions, ranging from the Church of…
Another RDP brute force ransomware strikes again, this time, Snatch Team! Snatch Team was able to go from brute forcing a Domain Administrator (DA) account via RDP, to encrypting all Domain joined systems in less than 5 hours.
Reddit – Netsec – Jun 21 2020 23:23
submitted by /u/TheDFIRReport
Malware
InvisiMole malware delivered by Gamaredon hacker group
CERT-EU Vulnerabilities Applications – Jun 21 2020 13:23
Security researchers have demystified the attack chain of the elusive InvisiMole cyberespionage group, revealing a complicated multi-stage format that relies on vulnerable legitimate tools, target-specific encryption of payloads, and stealthy…
DoppelPaymer Gang Suspected to be Targeting Retail Organizations
Cyware – Jun 21 2020 19:24
The DoppelPaymer ransomware, which shares most of its code with the BitPaymer ransomware, is suspected to be aiming at the retail sector now. Most recently, it is suspected to be targeting Avon, one of the largest global brands producing and…
AcidBox Malware Leveraging Turla Group’s Exploit to Target Russian Organizations
Cyware – Jun 21 2020 19:24
To increase the impact and intensity of their cyberattacks, several cybercriminals have started targeting legitimate virtualization platforms used in the organizations. A new malware was recently found exploiting bugs in the newer versions of…
nilssonanders – Great write-up of the NotPetya malware hitting Maersk
https://t.co/s7pEVoMDjP
nilssonanders – Twitter – Jun 22 2020 05:31
Great write-up of the NotPetya malware hitting Maersk
https://gvnshtn.com/maersk-me-notpetya/
Vulnerabilities
ConnectWise Partners Hit By Ransomware Via Automate Flaw
Office of Inadequate Security – Jun 21 2020 12:33
O’Ryan Johnson reports: Multiple ConnectWise partners have had their customers hit with ransomware through a software…
Vulnerability Management, Taking a Wide View
Medium Cybersecurity – RSS – Jun 21 2020 13:08
cybersecboardrm – Cisco Patches Flaw in Webex Videoconferencing App #Cybersecurity #security #ui https://t.co/8yIiSKj2Lb
cybersecboardrm – Twitter – Jun 21 2020 05:30
Cisco Patches Flaw in Webex Videoconferencing App #Cybersecurity #security #ui https://www.darkreading.com/vulnerabilities---threats/cisco-patches-flaw-in-webex-videoconferencing-app/d/d-id/1338129
InfoSecHotSpot – Cisco Releases Multiple Security Updates Original release date: June 18, 2020 Cisco has released security updates t… https://t.co/WLaMBrAllJ
InfoSecHotSpot – Twitter – Jun 21 2020 15:58
Cisco Releases Multiple Security Updates Original release date: June 18, 2020 Cisco has released security updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of…
Ongoing Campaigns

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
