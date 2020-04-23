Cyber Alert – 23 April 2020
|Data Breaches
|SBA May Have Exposed Data on 8,000 Loan Applicants
|BankInfoSecurity – Apr 22 2020 13:14
|Reports: Application Portal Flaw May Have Leaked Social…
|Almost 8,000 Could be Affected by Federal Emergency Loan Data Breach
|MalwareTips.com – Apr 22 2020 08:45
|Almost 8,000 business owners who applied for a loan from the Small Business Administration may have had their personal information exposed to other applicants, the SBA admitted on Tuesday. The breach relates to a long-standing SBA program called…
|Data Breach: Bad actor leaks 23 million account credentials from Webkinz children’s platform
|Security Bloggers Network – Apr 22 2020 14:51
|Over the weekend, ZDNet learned that nearly 23 million usernames and hashed passwords…
|SBA Reports Data Breach in Disaster Loan Application Website
|SecurityWeek RSS Feed – Apr 22 2020 12:25
|Thousands of small business owners reeling from the aggressive measures taken to halt the spread of the coronavirus may have had their personal information exposed last month on a government website that handles disaster loan…
|Hacker Groups
|Gaming Company Targeted By Chinese Winnti Hackers
|SecurityPhresh – Apr 22 2020 09:32
|Far from pausing operations during the COVID-19 pandemic, Chinas notorious Winnti hacking group has been busy launching new attacks on targets, researchers say.
|APT32 Hackers Targeted Chinese Govt Over Coronavirus Response
|SecurityPhresh – Apr 23 2020 03:33
|Group allegedly linked to Vietnam government.
|COVID-19 cyber espionage saw Chinese ministry targeted by Ocean Lotus: FireEye
|ZDNet Security – Apr 23 2020 05:47
|Spear phishing campaign out of Vietnam went after information related to coronavirus, security firm says.
|APT32 actively spearphishing Chinese officials in a search for COVID-19 data
|SC Magazine US – Apr 22 2020 21:44
|The suspected Vietnamese threat group APT32 has been conducting a spearphishing campaign against Chinese targets in an attempt to glean information on COVID-19. FireEye’s Mandiant Threat Intelligence Team reported the attacks have been conducted…
|Malware
|.npsk ransomware
|MalwareTips.com – Apr 22 2020 15:02
|HI!!! Can Anyone help me. I got hit by .npsk ransomeware encrypting my every file. Please help me for the solution for decryption of my files. THE NOTE GOES LIKE THIS ATTENTION! Don't worry, you can return all your files! All your files like photos,…
|LA County Hit with DoppelPaymer Ransomware Attack
|Threatpost.com – Apr 22 2020 17:01
|The DoppelPaymer ransomware group is claiming that it launched a cyberattack against Torrance – and is now leaking the LA city's data online.
|Loki Delivered as CAB File Attachment 4/22/20 12:00 AM
|Trend Micro – Apr 22 2020 09:51
|Analysis and insights by Miguel Ang We found in our honeypot a spam sample that delivers the info stealer Loki through an attached Windows Cabinet (CAB) file. The email that bears the malicious file poses as a quotation request to trick the user into…
|The “Winnti” APT Group Is Back to Targeting Gaming Companies
|TechNadu – Apr 22 2020 13:29
|Activity attributed to the “Winnti” group of Chinese hackers has been spotted by researchers recently. The hackers are now targeting the creator of “Ragnarok Online,” the Korean “Gravity” gaming firm. The researchers warn that medium-sized highly…
|Vulnerabilities
|Multiple Zero-Day Vulnerabilities in iOS Mail App Exploited in the Wild
|Tenable Blog – Apr 23 2020 00:17
|Patches for a pair of critical iOS vulnerabilities are currently in beta, as users are strongly encouraged to disable accounts in their Mail app until the fixes are generally available. Background On April 20, researchers at ZecOps …
|New iOS vulnerability being exploited to spy on Uyghurs in China
|HackRead – Apr 22 2020 14:05
|Home » Surveillance » New iOS vulnerability being exploited to spy on Uyghurs in China
|ADV200004: Microsoft Releases Out-of-Band Advisory to Address Flaws in Autodesk Filmbox (FBX) Library
|Tenable Blog – Apr 22 2020 18:41
|Microsoft responds to a recent security advisory from Autodesk by publishing an out-of-band advisory for Office products integrating the Autodesk library. Background On April 15, Autodesk released a security advisory, …
|Attack Of The Clones: If You Were Relying On Older Xilinx FPGAs To Keep Your Products Hardware Code Encrypted And Secret, Heres Some Bad News
|SecurityPhresh – Apr 22 2020 11:17
|Decrypted configuration bitstream can be siphoned from chips via side-channel flaw A newly disclosed vulnerability in older Xilinx FPGAs can be exploited to simplify the process of extracting and decrypting the encrypted bitstreams used to configure…
