Cyber Alert – 27 June 2020

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact productinfo[at]silobreaker[dot]com for more information.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
Mirai Trojan 10 13
Evil Corp 8 33
DarkCrewFriends 5 6
WastedLocker 8 51
GoldenSpy 6 26
Magecart Group 7 7
Glupteba Trojan 4 16
NotPetya Ransomware 5 20
Lucifer Malware 4 26
Tsunami Backdoor 3 8
Data Breaches
Domestic Abuse Victims Exposed in Cloud Misconfiguration
Infosecurity – Latest News, Jun 26 2020 08:30
Thousands of domestic violence victims have had their emergency distress messages exposed after a developer misconfigured a back-end AWS bucket. Researchers at vpnMentor led by Noam…
InfosecurityMag – Domestic Abuse Victims Exposed in Cloud Misconfiguration https://t.co/DbEXvl64oV
InfosecurityMag – Twitter, Jun 26 2020 08:30
Domestic Abuse Victims Exposed in Cloud Misconfiguration https://www.infosecurity-magazine.com/news/domestic-abuse-victims-cloud?utm_source=twitterfeed&utm_medium=twitter
Brazilian federal police investigates presidential data leak
ZDNet Security, Jun 26 2020 23:38
Private information relating to Jair Bolsonaro and several ministers had been exposed and details of over 200,000 public servants obtained.
This Week in Security News: XORDDoS and Kaiji Botnet Malware Variants Target Exposed Docker Servers and Ripple20 Vulnerabilities Could Impact Millions of IoT Devices
CERT-EU Vulnerabilities Applications, Jun 26 2020 15:15
Welcome to our weekly roundup, where we share what you need to know about the…
Hacker Groups
Tor2Mine is Back, Controls Mining Programs
Cyware, Jun 26 2020 13:24
With an aim to control Monero mining activities by spreading trojans and other means, Tor2Mine, a cryptocurrency mining threat actor, makes a comeback after 2018. What’s going on? According to 360 Security Center, Tor2Mine is reducing the users to…
Evil Corp blocked from deploying ransomware on US companies
TSecurity.de, Jun 26 2020 16:26
The Evil Corp gang was blocked from deploying WastedLocker ransomware payloads in dozens of attacks against major US corporations, at least of them being Fortune 500 companies. […]
Leviathan APT campaign in 2020 Malaysian political crisis
Reddit – BlueTeamSec – RSS, Jun 26 2020 06:22
submitted by /u/digicat [link]…
DarkCrewFriends Returns with Botnet Strategy
CERT-EU Vulnerabilities Applications, Jun 26 2020 21:02
The hackers-for-hire group DarkCrewFriends has resurfaced and is targeting content management systems to build a botnet. The botnet can be marshalled into service to carry out a variety of criminal activities, including distributed denial-of-service…
Malware
Glupteba malware leverages blockchain as a communications channel
SC Magazine US, Jun 26 2020 14:44
Glupteba malware does something novel: It uses the bitcoin blockchain as a communications channel to receive updated configuration information. That’s important because malware always needs a way to go back to its home base, preferably without being…
Lion gets breweries up and running following ransomware attack
ZDNet Security, Jun 26 2020 05:53
But the beverage giant cannot confirm that data won't eventually make its way out into the wild, despite not finding any evidence of it being removed.
Lucifer – New Self-Propagating Malware Exploit Multiple Critical Bugs to Infect Windows Devices
CERT-EU Vulnerabilities Applications, Jun 27 2020 02:46
Recently, the security experts have discovered a new self-propagating cryptojacking and DDoS-based malware “Lucifer” that is exploiting a critical vulnerability to infect Windows devices. This vulnerability was discovered on May 29, 2020, after…
Vulnerabilities
CVE-2020-15017
CERT-EU Vulnerabilities Applications, Jun 26 2020 20:02
NeDi 1.9C is vulnerable to reflected cross-site scripting. The Devices-Config.php file improperly validates user input. An attacker can exploit this vulnerability by crafting arbitrary JavaScript in the sta GET parameter.
SecurityWeek – NVIDIA Patches Code Execution Flaws in GPU Drivers https://t.co/7TKZ6E8xPP
SecurityWeek – Twitter, Jun 26 2020 12:52
NVIDIA Patches Code Execution Flaws in GPU Drivers https://www.securityweek.com/nvidia-patches-code-execution-flaws-gpu-drivers
Security Flaws & Fixes – W/E – 6/26/20
Tech-Wreck InfoSec Blog, Jun 26 2020 12:06
AMD Fixes CPU Bug; Promises Patch for Additional Flaws by End of June (06/22/2020) Advanced Micro Devices (AMD) issued a security advisory regarding a high-severity vulnerability in software…
NVIDIA Patches Code Execution Flaws in GPU Drivers
CERT-EU Vulnerabilities Applications, Jun 26 2020 13:08
NVIDIA this week released patches for a dozen vulnerabilities in GPU display drivers and vGPU software, including multiple issues that could lead to code execution. The most severe of the bugs affecting the GPU drivers include CVE-2020-5962, which…
Ongoing Campaigns
$200m Spear Phished from Cryptocurrency Exchanges
Infosecurity – Latest News, Jun 26 2020 14:46
A newly detected threat group has stolen an estimated minimum of $200m from cryptocurrency exchanges in just two years. The dastardly deeds of cyber-criminal organization CryptoCore…
Payment Card Skimmer Attacks Hit 8 Cities
Bank Info Security, Jun 26 2020 20:34
Trend Micro: 5 of the Cities Had Previously Been Victims of Magecart-Style Attacks (DougOlenick, June 26, 2020). Eight U.S. cities recently had payment card data stolen via point-of-sale skimming malware on their Click2Gov online payment platforms,…
Biggest PPS DDoS attack on European Bank
IT Security Guru, Jun 26 2020 12:05
A European bank has fallen victim to a huge distributed denial-of-service (DDoS) attack that sent to its networking gear a flood of 809 million packets per second (PPS). This attack is potentially the largest one to have ever occurred with a…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
