24 December 2020

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
Lazarus Group 15 18
EMOTET Trojan 20 53
UltraRank 3 3
Dridex Malware 4 10
Mount Locker Ransomware 4 9
Jigsaw Ransomware 2 2
Cobalt Strike Beacon 3 8
Pay2Key Ransomware 4 28
Carbanak 2 2
QakBot 4 7
Data Breaches
Grid regulator warns utilities of risk of SolarWinds backdoor, asks how exposed they are
Cyberscoop – News – Dec 23 2020 20:54
The North American electric grid regulator has asked utilities to report how exposed they are to SolarWinds software that is at the center of a suspected Russian hacking operation, and the agency advised utilities that the vulnerability “poses a…

CyberScoopNews – NEW: Grid regulator NERC warns utilities of risk of SolarWinds backdoor, asks how exposed they are https://t.co/kfwoXfLNvi by @snlyngaas
CyberScoopNews – Twitter – Dec 23 2020 20:56
NEW: Grid regulator NERC warns utilities of risk of SolarWinds backdoor, asks how exposed they are https://hubs.ly/H0D0LL40 by @snlyngaas

InfoSecHotSpot – Only 30% prepared to secure a complete shift to remote work The biggest security concerns facing businesses are dat… https://t.co/51ZFwkRxEv
InfoSecHotSpot – Twitter – Dec 23 2020 10:28
Only 30% prepared to secure a complete shift to remote work The biggest security concerns facing businesses are data leaking through endpoints (27%), loss of visibility of user activity (25%) and maintaining compliance with regulatory requirements…

SecurityWeek – Millions of Devices Exposed to Attacks Exploiting Vulnerabilities Used in the Stolen FireEye Tools https://t.co/5zlszM7Loh
SecurityWeek – Twitter – Dec 24 2020 02:24
Millions of Devices Exposed to Attacks Exploiting Vulnerabilities Used in the Stolen FireEye Tools https://www.securityweek.com/millions-devices-affected-vulnerabilities-used-stolen-fireeye-tools
Hacker Groups
‘UltraRank’ Targets More E-Commerce Sites
DataBreachToday.eu – Dec 23 2020 18:09
Group Uses JavaScript Sniffer to Steal Payment Card Data A cybercriminal gang known as "UltraRank" has launched a new campaign, targeting at least a dozen e-commerce sites to steal payment card data using a JavaScript sniffer, says security firm…

curtw – Some of the code used by FIN7 is easily available, therefore I’m not convinced that FIN7 themselves is specifically… https://t.co/LpASCOxrcv
curtw – Twitter – Dec 23 2020 22:57
Some of the code used by FIN7 is easily available, therefore I’m not convinced that FIN7 themselves is specifically involved, but it is possible. Either way, IOCs.

A Timeline Perspective of the SolarStorm Supply-Chain Attack
Unit42 Palo Alto – RSS – Dec 23 2020 17:15
The SolarStorm timeline summarized here is based on the information available to us and our direct experience defending against this threat. The post …

Lazarus Attacks Vaccine Research
TerabitWeb Blog – RSS – Dec 23 2020 18:14
Original Post from InfoSecurity Magazine Author: Lazarus Attacks Vaccine Research The infamous advanced persistent threat…
Malware
7 ways malware can get into your device
WeLiveSecurity RSS – Dec 23 2020 10:30
You know that malware is bad, but are you also aware of the various common ways in which it can infiltrate your devices? The post 7 ways…

CERT_at – RT @msftsecurity: Empowering defenders with protection guidance on the Solorigate attack. See our latest guidance for on-premises and cloud…
CERT_at – Twitter – Dec 23 2020 07:44
RT @msftsecurity: Empowering defenders with protection guidance on the Solorigate attack. See our latest guidance for on-premises and cloud environments to re-establish trusted identities suspected of compromise by the Solorigate malware:…

cybersecboardrm – Partial lists of organizations infected with Sunburst malware released online #Cybersecurity #security https://t.co/kcp1kCHsDw
cybersecboardrm – Twitter – Dec 23 2020 20:01
Partial lists of organizations infected with Sunburst malware released online #Cybersecurity #security https://www.zdnet.com/google-amp/article/partial-lists-of-organizations-infected-with-sunburst-malware-released-online/

Ransomware: Attacks could be about to get even more dangerous and disruptive
ZDNet Security – Dec 23 2020 11:15
Cyber criminals are still successfully conducting ransomware campaigns while demanding higher ransoms than ever – and things could be about to get a lot worse.
Vulnerabilities
SecurityWeek – Critical Flaws in Kepware Products Can Facilitate Attacks on Industrial Firms https://t.co/01l5deGKF8
SecurityWeek – Twitter – Dec 23 2020 15:55
Critical Flaws in Kepware Products Can Facilitate Attacks on Industrial Firms https://www.securityweek.com/critical-flaws-kepware-products-can-facilitate-attacks-industrial-firms

Dell Wyse Thin Client scores two perfect 10 security flaws
DataBreaches.net – Dec 23 2020 13:33
Thomas Claburn reports: Dell, which pitches its Wyse ThinOS as “the most secure thin client operating system,” plans to publish an advisory on Monday for two security vulnerabilities that are as bad as they could possibly be….

SecurityWeek – Critical Flaws in Kepware Products Can Facilitate Attacks on Industrial Firms https://t.co/01l5dep9gy #ICS #SCADA
SecurityWeek – Twitter – Dec 24 2020 04:15
Critical Flaws in Kepware Products Can Facilitate Attacks on Industrial Firms https://www.securityweek.com/critical-flaws-kepware-products-can-facilitate-attacks-industrial-firms #ICS #SCADA

Securityblog – Critical Flaws in Kepware Products Can Facilitate Attacks on Industrial Firms | https://t.co/08MJfOsUA9 https://t.co/3ANhas8lxf
Securityblog – Twitter – Dec 23 2020 16:07
Critical Flaws in Kepware Products Can Facilitate Attacks on Industrial Firms | http://SecurityWeek.Com https://www.securityweek.com/critical-flaws-kepware-products-can-facilitate-attacks-industrial-firms
Ongoing Campaigns
SolarWinds and Supply Chain Attacks: Could it happen to WordPress?
Wordfence – RSS – Dec 23 2020 19:38
The SolarWinds supply chain attack is all over the news, impacting government agencies, telecommunications firms, and other large organizations. The security firm FireEye was the first victim of the attack, disclosing that they had been hacked on…

How we protect our users against the Sunburst backdoor
Kaspersky Lab – Dec 23 2020 11:30

Now Fox Kitten APT Deploys Pay2Key Ransomware to Create Panic
Cyware – Dec 23 2020 19:24
Fox Kitten, an Iranian-backed hacking group, has been linked with the Pay2Key ransomware operations that eye on organizations in Israel and Brazil. What happened? This particular ransomware operation is part of the ongoing cyber showdown between…

Pyongyang hackers eye more coronavirus research, Kaspersky says
Cyberscoop – News – Dec 23 2020 17:12
North Korean-government linked hackers are continuing their effort to break into entities working on coronavirus-related research. In their latest antics, the hackers, suspected to be part of the government-backed hacking team known as…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.

Silobreaker