This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact productinfo[at]silobreaker[dot]com for more information.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
Conti Ransomware 13 14
Lazarus Group 22 34
LokiBot Trojan 20 54
Ryuk Ransomware 8 15
Goblin Panda 6 8
Dharma Ransomware 9 52
Trickbot Malware 7 14
SunCrypt Ransomware 3 3
BetaBot 3 5
SourMint 3 6
Data Breaches
Expert Commentary: Travel Site Exposed 37 Million Records Before Meow Attack
Information Security Buzz, Aug 25 2020 10:14
RailYatri, the company behind one of India’s most popular travel booking sites exposed 43GB of customer and corporate data before it was deleted by the infamous “Meow” attacker. A team at SafetyDetectives discovered an Elasticsearch server without…
Almost 235 Million YouTube, TikTok and Instagram Profiles Exposed Online by Unsecured Database
HOTforSecurity, Aug 25 2020 14:57
BleepinComputer – This data leak site currently includes 26 victims, with some being well-known. For each victim, a dedicated page i… https://t.co/11E41HFX8X
BleepinComputer – Twitter, Aug 25 2020 18:15
This data leak site currently includes 26 victims, with some being well-known. For each victim, a dedicated page is created with samples of leaked data. https://twitter.com/BleepinComputer/status/1298323202305925122/photo/1
Dinosn – Almost 235 Million YouTube, TikTok and Instagram Profiles Exposed Online by Unsecured Database https://t.co/0y2v4xzATE
Dinosn – Twitter, Aug 26 2020 04:04
Almost 235 Million YouTube, TikTok and Instagram Profiles Exposed Online by Unsecured Database http://feedproxy.google.com/~r/SecurityBloggersNetwork/~3/cIX53-Mmx5I/
Hacker Groups
DeathStalker threat group spies on small and medium businesses
CyberSecurity Help – Blog – RSS, Aug 25 2020 11:23
The group does not appear to be motivated by financial gain, instead, DeathStalker is focused on sensitive business data.
North Korea’s Lazarus targets cryptocurrency vertical
Computer Weekly, Aug 25 2020 11:45
APT group behind the infamous WannaCry incident is targeting cryptocurrency operators, according to new research. The Lazarus Group, the advanced persistent threat (APT) group aligned to the interests of the North Korean government, is orchestrating a…
The Trail of BlackTech’s Cyber Espionage Campaigns
Vyagers – RSS, Aug 26 2020 01:57
https://www.trendmicro.com/en_us/research/17/f/following-trail-blacktech-cyber-espionage-campaigns.html
APT36 Sharpens Tools While Focusing on New Targets
Cyware, Aug 25 2020 19:24
Transparent Tribe aka APT36, a Pakistan-based APT group, is known for surveillance and spying on government and military organizations in India and Afghanistan. Recently, they have been observed further enhancing their arsenal with new toolkits and…
Malware
GOT: Conti (Ryuk) joins the ranks of ransomware gangs operating data leak sites
ZDNet Security, Aug 25 2020 17:17
More and more ransomware gangs are now operating sites where they leak sensitive data from victims who refuse to pay the ransom demand.
ZDNet – GOT: Conti (Ryuk) joins the ranks of ransomware gangs operating data leak sites https://t.co/hh43UR8rFI by @campuscodi
ZDNet – Twitter, Aug 25 2020 17:17
GOT: Conti (Ryuk) joins the ranks of ransomware gangs operating data leak sites https://zd.net/2EwGQjd by @campuscodi
BleepinComputer – Conti is now one out of 17 other ransomware operations that steal data, including Ako, Avaddon, Clop, CryLock, Dopp… https://t.co/ZOK6HcxBZa
BleepinComputer – Twitter, Aug 25 2020 18:15
Conti is now one out of 17 other ransomware operations that steal data, including Ako, Avaddon, Clop, CryLock, DoppelPaymer, Maze, MountLocker, Nemty, Nephilim, Netwalker, Pysa/Mespinoza, Ragnar Locker, REvil, Sekhmet, Snatch, and…
BleepinComputer – With Conti, there are now 17 ransomware operations leaking data. These operations include, Ako, Avaddon, Clop, CryL… https://t.co/bnkBirGsk4
BleepinComputer – Twitter, Aug 25 2020 23:27
With Conti, there are now 17 ransomware operations leaking data. These operations include, Ako, Avaddon, Clop, CryLock, DoppelPaymer, Maze, MountLocker, Nemty, Nephilim, Netwalker, Pysa/Mespinoza, Ragnar Locker, REvil, Sekhmet, Snatch, and Snake…
Vulnerabilities
CVEnew – CVE-2020-17404 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo… https://t.co/imrLLLQiIP
CVEnew – Twitter, Aug 25 2020 21:45
CVE-2020-17404 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page…
Enterprise Application Access Client (EAA) Vulnerability (CVE-2019-18847) – Remote Code Execution and Privilege Escalation in Zero Trust Model.
Reddit – Netsec, Aug 25 2020 18:03
submitted by /u/knapstack123 [link]…
CVEnew – CVE-2020-15641 This vulnerability allows remote attackers to disclose sensitive information on affected installatio… https://t.co/GLy5sKiorv
CVEnew – Twitter, Aug 25 2020 21:45
CVE-2020-15641 This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole 5.5.0.64. Authentication is not required to exploit this vulnerability. The specific flaw exists within…
CVEnew – CVE-2020-15640 This vulnerability allows remote attackers to disclose sensitive information on affected installatio… https://t.co/zVAWT1NJUA
CVEnew – Twitter, Aug 25 2020 21:45
CVE-2020-15640 This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole 5.5.0.64. Authentication is not required to exploit this vulnerability. The specific flaw exists within…
Ongoing Campaigns
Hack-for-Hire Group Targets Financial Sector Since 2012
Security Week, Aug 25 2020 12:06
A hack-for-hire group has been targeting organizations in the financial sector since 2012, for cyber-espionage purposes, Kaspersky’s security researchers reveal. Dubbed DeathStalker, the “mercenary” advanced persistent threat (APT) has been targeting…
Law Enforcement Agencies Warn of Vishing Attacks Targeting Employees
Security Bloggers Network, Aug 25 2020 07:15
Weekly Threat Briefing: Cryptominers, Phishing, APT Group, and More
ThreatStream Blog, Aug 25 2020 14:00
The various threat intelligence stories in this iteration of the Weekly Threat Briefing discuss the following topics: APT, Backdoor, GoldenSpy, Phishing, Ransomware, and Vulnerabilities. The IOCs related to these stories…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
