22 October 2020

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
PowGoop 10 14
MuddyWater Group 10 18
LockBit Ransomware 9 14
Egregor Ransomware 8 29
IcedID Trojan 6 10
DarkSide Ransomware 6 26
Maze Ransomware 6 11
Trickbot Malware 28 131
Ataware Ransomware 3 4
UNC1878 3 3

Data Breaches

Secnewsbytes – RT @ZDNet: New Gitjacker tool lets you find .git folders exposed online https://t.co/EOpq9l11IL
Secnewsbytes – Twitter – Oct 21 2020 07:50

Ensuring Transparency: Language to Avoid in HIPAA Breach Notifications
Office of Inadequate Security – Oct 21 2020 21:47
Over on HealthIT Security, Jessica Davis is singing a tune I’ve often sung about transparency in breach notifications….

InfosecurityMag – According to new research from @vpnmentor highlights that #PersonaInformation of hundreds of prescription drug take… https://t.co/JsGPWOgSZU
InfosecurityMag – Twitter – Oct 21 2020 10:26
According to new research from @vpnmentor highlights that #PersonaInformation of hundreds of prescription drug takers have been exposed over two months due to a cloud misconfiguration at Pfizer https://bit.ly/3kkCyLP

Secnewsbytes – Barnes & Noble hit by Egregor ransomware, strange data leaked https://t.co/kzQzlpEEdQ
Secnewsbytes – Twitter – Oct 21 2020 16:37
Barnes & Noble hit by Egregor ransomware, strange data leaked https://www.bleepingcomputer.com/news/security/barnes-and-noble-hit-by-egregor-ransomware-strange-data-leaked/

Hacker Groups

Chat Digest – Ghost Squad Hackers 2020/10/21 23:42 – 23:42 UTC
“Ghost Squad Hackers” – Telegram – Oct 21 2020 23:42
[23:42] : Unemployment sauce

The Revival of the Silent Librarian
Cyware – Oct 21 2020 18:36
Students are going back to schools and so is Silent Librarian. The scoop Silent Librarian, TA407, or Cobalt Dickens is an Iranian state-sponsored APT group infamous for targeting educational institutions for research materials, via spear-phishing…

‘MuddyWater’ spies suspected in attacks against Middle East governments, telecoms
Cyberscoop – News – Oct 21 2020 12:00
One of the most prolific cyber-espionage groups linked to Iran has used old tricks — and perhaps a new hacking tool — in dozens of attempts to breach government and telecommunications operators in the Middle East in recent months, security…

Bing_Chris – @ifthedevilisix No direct insight here, but DragonFly = Energetic bear. So it’s the same group. Unclear on malware https://t.co/zsaqgF9Goa
Bing_Chris – Twitter – Oct 21 2020 16:13
@ifthedevilisix No direct insight here, but DragonFly = Energetic bear. So it's the same group. Unclear on malware https://www.secureworks.com/research/threat-profiles/iron-liberty

Malware

LockBit ransomware moves quietly on the network, strikes fast
BleepingComputer.com – Oct 21 2020 14:28
LockBit ransomware takes as little as five minutes to deploy the encryption routine on target systems once it lands on the victim network. […]

Life of Maze ransomware
Securelist – Oct 21 2020 10:02
In the past year, Maze ransomware has become one of the most notorious malware families threatening businesses and large organizations. Dozens of organizations have fallen victim to this vile malware, including LG, Southwire, and the City of…

What Is a Ransomware Attack? What Can You Do?
TechNadu – Oct 21 2020 14:03
In the real world, a ransom is something you pay to get a precious person or item back from the criminals who have seized it. In the virtual world of cybercriminals, exactly the same thing can happen! Except the precious treasure are your data, and…

Microsoft took down 120 of 128 Trickbot servers in recent takedown
Security Affairs – Oct 21 2020 06:00
Microsoft brought down TrickBot infrastructure last week, but a few days later the botmasters set up new command and control (C&C) servers. Microsoft’s…

Vulnerabilities

cybersecboardrm – Hackers are targeting CVE-2020-3118 flaw in Cisco devices #Cybersecurity #digital #security https://t.co/uBEl6jky9U
cybersecboardrm – Twitter – Oct 22 2020 02:24

securityaffairs – Hackers are targeting CVE-2020-3118 flaw in #Cisco devices https://t.co/SSyswh3q1y #securityaffairs #hacking
securityaffairs – Twitter – Oct 21 2020 06:46

Hackers are targeting CVE-2020-3118 flaw in Cisco devices
Security Affairs – Oct 21 2020 06:42
Cisco warns of attacks attempting to exploit the CVE-2020-3118 vulnerability that affects multiple carrier-grade routers running Cisco IOS XR Software. Cisco is warning of attacks targeting the …

QNAP warns of Windows Zerologon flaw affecting some NAS devices
BleepingComputer.com – Oct 21 2020 17:06
Network-attached storage device maker QNAP warns customers that some NAS storage devices running vulnerable versions of the QTS operating system are exposed to attacks attempting to exploit the critical Windows ZeroLogon vulnerability. […]

Ongoing Campaigns

Ryuk Ransomware Group using Zerologon Vulnerability to Accomplish their Objective Faster
Seclists.org – Data Loss – Oct 21 2020 14:50
Posted by Destry Winant on Oct 21 https://gbhackers.com/ryuk-ransomware-attack-2/ Ryuk ransomware is known for targeting various large organizations worldwide. It is often distributed by other malware such as Emotet or TrickBot….

The Shifting Phishing Landscape and Lures
Cyware – Oct 21 2020 18:36
Earlier this year, cybercriminals began cashing in on the COVID-19 scare. They have been sending phishing emails impersonating healthcare professionals and organizations. However, new phishing lures have emerged now. What’s going on? Ongoing…

‘Robin Hood’ hackers donate stolen Bitcoin to charity
IT Pro UK – Oct 21 2020 12:01
A hacking group going by the name of Darkside has attempted to donate around $20,000 in stolen Bitcoin to charity. One of these charities, Children International, said it will be refusing the $10,000 donation because it has allegedly come from a…

Chinese Hackers Target Cisco Discovery Protocol Vulnerability
Security Week – Oct 21 2020 10:18
Chinese state-sponsored hackers are targeting a Cisco Discovery Protocol vulnerability that was disclosed earlier this year, the networking giant and the U.S. National Security Agency revealed on Tuesday. An advisory published by the NSA on Tuesday…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.