Threat Reports

Cyber Alert – 23 June 2020

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact productinfo[at]silobreaker[dot]com for more information.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
NitroHack 6 14
Pegasus Malware 5 8
Nefilim Ransomware 5 8
CryptoLocker 4 4
Truniger Hacker Group 4 5
NEPHILIM Ransomware 4 4
Clop Ransomware 4 4
Dridex Malware 5 13
FTCODE Ransomware 3 3
Guccifer2 3 3
Data Breaches
XORDDoS, Kaiji Botnet Malware Variants Target Exposed Docker Servers
TrendLabs Security Intelligence, Jun 22 2020 11:58
Comment: Potentially Sensitive Data From Over 200 US Police Departments Exposed Online By ‘BlueLeaks’
Information Security Buzz, Jun 22 2020 11:13
Hundreds of thousands of potentially sensitive files from police departments across the United States were leaked online last week. The collection, dubbed “BlueLeaks” and made searchable online, stems from a security breach at a Texas web design…
BleepinComputer – According to @bad_packets, Indiabulls has a Citrix Netscaler ADC gateway exposed that is vulnerable to CVE-2019-197… https://t.co/SfOLcZcCrX
BleepinComputer – Twitter, Jun 23 2020 01:05
According to @bad_packets, Indiabulls has a Citrix Netscaler ADC gateway exposed that is vulnerable to CVE-2019-19781. It is not known if this vulnerability was used in the attack.
BleepinComputer – On their data leak, CLOP has released screenshots of documents allegedly stolen during this attack and stated that… https://t.co/jgIg0yZvpD
BleepinComputer – Twitter, Jun 23 2020 01:05
On their data leak, CLOP has released screenshots of documents allegedly stolen during this attack and stated that Indiabulls have 24 hours to negotiate with them. https://twitter.com/BleepinComputer/status/1275233426413621254/photo/1
Hacker Groups
ACSC Releases Advisory on Cyber Campaign using Copy-Paste Compromises
CERT-EU – Latest Articles Ongoing Threats – RSS, Jun 22 2020 15:48
The Australian Cyber Security Centre (ACSC) has released an advisory regarding an ongoing cyber campaign involving “copy-paste compromises” targeting Australian government and commercial networks. According to the advisory, a sophisticated malicious…
Dark Basin Uncovering a Massive Hack-For-Hire Operation
Blueliv, Jun 22 2020 13:44
Researchers give the name Dark Basin to a hack-for-hire organization that has targeted thousands of individuals and organizations on six continents, including senior politicians, government prosecutors, CEOs, journalists, and human rights…
Rare Acidbox malware targeted Russian organizations using Turla APT exploit
CERT-EU – Latest Articles Ongoing Threats – RSS, Jun 22 2020 08:01
Security researchers came across a new malware, which they dubbed AcidBox, that leverages an exploit previously associated with Turla cyber espionage group. The Turla group, also tracked as Snake, Uroburos, Waterbug, Venomous Bear and KRYPTON, has…
lorenzofb – Around 4 years ago, with the help of @thegrugq, @pwnallthethings, and @RidT, we revealed that Guccifer 2.0 was like… https://t.co/AC1jlHmFop
lorenzoFB – Twitter, Jun 22 2020 18:52
Around 4 years ago, with the help of @thegrugq, @pwnallthethings, and @RidT, we revealed that Guccifer 2.0 was likely a Russian govt operation.

We were the first to call BS on Guccifer 2.0, and an indictment and the Mueller report later confirmed…

Malware
Securityblog – Discord modified to steal accounts by new NitroHack malware https://t.co/TCvyce9sSZ
Securityblog – Twitter, Jun 22 2020 12:50
Discord modified to steal accounts by new NitroHack malware https://flip.it/MhpgEY
Vulnerabilities
NA – CVE-2020-7262 – Improper Access Control vulnerability in McAfee…
CERT-EU Vulnerabilities Applications, Jun 22 2020 11:31
This vulnerability is currently undergoing analysis and not all information is available. Please check back soon to view the completed vulnerability summary. Improper Access Control vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.10.0…
CVEnew – CVE-2020-1727 A vulnerability was found in Keycloak before 9.0.2, where every Authorization URL that points to an I… https://t.co/10yHnaOR9D
CVEnew – Twitter, Jun 22 2020 19:00
CVE-2020-1727 A vulnerability was found in Keycloak before 9.0.2, where every Authorization URL that points to an IDP server lacks proper input validation as it allows a wide range of characters. This flaw allows a malicious to craft deep links that…
NA – CVE-2020-10740 – A vulnerability was found in Wildfly in…
CERT-EU Vulnerabilities Applications, Jun 22 2020 23:34
A vulnerability was found in Wildfly in versions before 20.0.0.Final, where a remote deserialization attack is possible in the Enterprise Application Beans (EJB) due to lack of validation/filtering capabilities in wildfly.
CVEnew – CVE-2019-14894 A flaw was found in the CloudForms management engine version 5.10 and CloudForms management version… https://t.co/XRF65wyJHY
CVEnew – Twitter, Jun 22 2020 19:00
CVE-2019-14894 A flaw was found in the CloudForms management engine version 5.10 and CloudForms management version 5.11, which triggered remote code execution through NFS schedule backup. An attacker logged into the management console could use this…
Ongoing Campaigns

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
