23 December 2020

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
EMOTET Trojan 18 35
Sunburst Backdoor 28 197
Dridex Malware 4 6
FlawedAmmyy RAT 2 2
WannaCry Ransomware 3 9
The Shadow Brokers 2 3
NotPetya Ransomware 3 15
Ryuk Ransomware 6 23
Trickbot Malware 11 33
Clop Ransomware 2 6
Data Breaches
kfalconspb – Up early, and once more into the breach! https://t.co/KmKGTaypkR
kfalconspb – Twitter – Dec 22 2020 15:17
Up early, and once more into the breach! https://twitter.com/kfalconspb/status/1341402487639707648/photo/1

Two groups might have breached SolarWinds Orion software- Microsoft
HackRead – Dec 22 2020 19:15
By Deeba Ahmed. The ongoing investigation into the SolarWinds supply chain cyberattack indicates the involvement of another APT group.

Combating the Supply-Chain Breaches with Auto-generated Egress Policies
Security Bloggers Network – Dec 22 2020 17:52
In light of recent security incidents, we see again that restricting egress traffic through segmentation is an effective way to prevent attacks. In response to the Solarwinds breach, FireEye recommends organizations to “Block…

teirdes – To those of you DM:ing me – wage transparency would solve both the disproportionally exposed position of women and… https://t.co/ENQ16EuZWP
teirdes – Twitter – Dec 22 2020 07:26
To those of you DM:ing me – wage transparency would solve both the disproportionally exposed position of women and foreigners in wage negotiations and remedy concerns of employees. Also demeaning employees is not OK even if you don't like them. @fsf…

Hacker Groups
Why Must You Get Anonymous Proxy Service?
FirmenPresse – Dec 23 2020 05:14
Proxies.com – The cheapest and most advanced proxy service on the planet. (firmenpresse) – Have you ever wondered why quite a few people get anonymous proxy service? This really is not getting paranoid or obsessive about your security, but the truth is…

anon_indonesia – The Anonymous Indonesia News Daily is out! https://t.co/nDKi4PHj7c
anon_indonesia – Twitter – Dec 23 2020 03:14
The Anonymous Indonesia News Daily is out! https://paper.li/anon_indonesia/1435572762?edition_id=0430e5f0-44cd-11eb-a9a9-002590a5ba2d

Palo Alto Networks introduces rapid response program for organizations navigating SolarStorm cyberattacks
Chase – Dec 22 2020 15:31
(MarketLine via COMTEX News Network) — Palo Alto Networks has launched a rapid response program to help SolarWinds Orion customers navigate risks from cyberattacks. SolarWinds Orion products are currently being exploited by malicious actors to gain…

TheEconomist – A team of Russian hackers, known as Cozy Bear, is thought to have penetrated American government departments, where… https://t.co/GuPGS6xPvE
TheEconomist – Twitter – Dec 22 2020 16:00
A team of Russian hackers, known as Cozy Bear, is thought to have penetrated American government departments, where they could read internal emails at will https://econ.st/34euiH5

Malware
ZDNet – Partial lists of organizations infected with Sunburst malware released online https://t.co/poIUGpdxTU
ZDNet – Twitter – Dec 22 2020 09:30
Partial lists of organizations infected with Sunburst malware released online…

ZDNet – Partial lists of organizations infected with Sunburst malware released online https://t.co/htbYcFB0aS
ZDNet – Twitter – Dec 22 2020 13:45
Partial lists of organizations infected with Sunburst malware released online…

ZDNet – Partial lists of organizations infected with Sunburst malware released online https://t.co/9NnWDYKKkR
ZDNet – Twitter – Dec 22 2020 18:00
Partial lists of organizations infected with Sunburst malware released online…

ZDNet – Partial lists of organizations infected with Sunburst malware released online https://t.co/MBgFutMpDA
ZDNet – Twitter – Dec 22 2020 22:15
Partial lists of organizations infected with Sunburst malware released online…

Vulnerabilities
Dinosn – RT @wugeej: CVE-2020-35606 arbitrary command execution vulnerability in Webmin
This vulnerability is bypassing the measure taken for CVE-2…
Dinosn – Twitter – Dec 22 2020 07:26
RT @wugeej: CVE-2020-35606 arbitrary command execution vulnerability in Webmin
This vulnerability is bypassing the measure taken for CVE-2019-12840 and converting it into a new vector.
Vendor did not fix this vulnerability…

Critical Flaws Put Dell Wyse Thin Client Devices at Risk
BankInfoSecurity – Dec 22 2020 21:40
Researchers: Vulnerabilities Could Allow Remote…

Securityblog – RT @wugeej: CVE-2020-35606 arbitrary command execution vulnerability in Webmin
This vulnerability is bypassing the measure taken for CVE-2…
Securityblog – Twitter – Dec 22 2020 10:59
RT @wugeej: CVE-2020-35606 arbitrary command execution vulnerability in Webmin
This vulnerability is bypassing the measure taken for CVE-2019-12840 and converting it into a new vector.
Vendor did not fix this vulnerability…

Secnewsbytes – Dozens of journalists had their iPhones hacked using an iMessage flaw – BGR https://t.co/tfRTQFRyjF
Secnewsbytes – Twitter – Dec 22 2020 21:55
Dozens of journalists had their iPhones hacked using an iMessage flaw – BGR https://bgr.com/2020/12/21/iphone-hack-imessage-flaw-spyware-al-jazeera/

Ongoing Campaigns
Brand New Agent Tesla Now has Improved Data Exfiltration Features
Cyware – Dec 22 2020 19:24
Malware never gets old; the older the malware their iterations are even more tricky. Recently, Agent Tesla keylogger malware has got a slight modification and expansion in its tactics, targets, and data exfiltration features, according to Cofense…

cybersecboardrm – SolarWinds Campaign Focuses Attention on ‘Golden SAML’ Attack Vector #Cybersecurity #security https://t.co/TeJqtnDRaM
cybersecboardrm – Twitter – Dec 23 2020 00:57
SolarWinds Campaign Focuses Attention on 'Golden SAML' Attack Vector #Cybersecurity #security https://www.darkreading.com/attacks-breaches/solarwinds-campaign-focuses-attention-on-golden-saml-attack-vector/d/d-id/1339794

Dinosn – SolarWinds Campaign Focuses Attention on ‘Golden SAML’ Attack Vector https://t.co/SpHyOy6Jn1
Dinosn – Twitter – Dec 23 2020 04:39
SolarWinds Campaign Focuses Attention on 'Golden SAML' Attack Vector https://www.darkreading.com/attacks-breaches/solarwinds-campaign-focuses-attention-on-golden-saml-attack-vector/d/d-id/1339794?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

KimZetter – Pls forgive personal plug; I’m grateful the book is well received: “A page turner…exploring the 2010 Iranian Stux… https://t.co/ZuE408vaoT
KimZetter – Twitter – Dec 22 2020 18:43
Pls forgive personal plug; I'm grateful the book is well received: "A page turner…exploring the 2010 Iranian Stuxnet attacks [that] reads like a modern day Jason Bourne story….Stuxnet was the most sophisticated digital attack of its kind – and…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.

Silobreaker Daily Cyber Alert
