Cyber Alert – 27 May 2020
Silobreaker’s Daily Cyber Alert is created and distributed automatically by using our award-winning intelligence product Silobreaker Online.
|Heat – Trending Malware and Threat Actors
|Name |Heat 1 |Heat 7 |Vol 1 |Vol 7
|Turla APT Group | | |11 |12
|ComRAT Malware | | |8 |8
|Turla Spyware | | |5 |6
|Silent Night | | |4 |11
|ZeuS Trojan | | |4 |14
|PowerStallion | | |3 |3
|Zloader Malware | | |3 |13
|AnarchyGrabber | | |2 |6
|Carberp | | |1 |1
|Unistellar Hacker Group | | |1 |1
|Data Breaches
|23% of leading banks had an exposed database with potential data leakage
|Help Net Security – News – May 27 2020 04:30
|Reposify unveiled research findings of critical asset exposures and vulnerabilities in attack surfaces of the world’s leading multinational banks. Researchers measured the prevalence of exposed sensitive assets including exposed databases,…
|Qatar Tracing App Flaw Exposed 1 Mn Users’ Data: Amnesty
|SecurityWeek RSS Feed – May 27 2020 03:29
|A security flaw in Qatar's controversial mandatory coronavirus contact tracing app exposed sensitive information of more than one million users, rights group Amnesty International warned Tuesday. …
|Mercedes-Benz Data Leak Lesson: Lock Down Code Repositories
|BankInfoSecurity – May 26 2020 09:14
|Luckily for Car Giant, Access Control Gaff Didn't Expose Secret Data – This Time Don't forget to lock down online shared code repositories, as Mercedes-Benz parent company Daimler AG learned the hard way after a researcher was able to access…
|Class-action lawsuit filed against state contractor over Ohio Department of Job and Family Services data leak
|Office of Inadequate Security – May 26 2020 13:28
|No surprise here…. ABC6 in Ohio reports: A class-action lawsuit has been filed in the Cuyahoga County Court of Common…
|Hacker Groups
|A New Backdoor From Ke3chang – Ketrum
|IBM X-Force Exchange – Advisory Tag – RSS – May 26 2020 12:44
|Summary A report from Intezer looks at malware they have named Ketrum which appears to be a combination of code from Ketrican and Okrum and has been attributed to the group known as Ke3chang. Threat Type Malware, Backdoor Overview The APT group…
|Federal officials have arrested another accused FIN7 hacker
|Cyberscoop – News – May 26 2020 19:45
|A Ukrainian national was arrested last week in Seattle for his alleged involvement in hacking operations run by FIN7, a syndicate known for stealing approximately $1 billion from its victims in the United States. According to court documents…
|Turla hacker group steals antivirus logs to see if its malware was detected
|ZDNet Zero Day Blog – May 26 2020 09:30
|Turla, one of Russia's most advanced hacker groups, has created malware that gets its orders from email attachments sent to an arbitrary Gmail inbox.
|Chafer APT attacks in the Middle East: Kaspersky
|Bahrain News Shafaqna – May 26 2020 21:24
|Our monitoring of Chafer threat actor confirms that at the moment, they are active and gathering data in Middle Eastern and Central Asian entities. The group has been quite active in the past years, attacking governmental entities in this part of the…
|Malware
|RagnarLocker Ransomware Deploys Oracle VirtualBox VM to Hide Itself
|Cyware – May 26 2020 07:24
|The RagnarLocker group is already known for carefully selecting targets, avoiding private users, and instead targeting corporate networks, managed service providers, and government organizations. Now, by adopting new innovative attack vectors, the…
|Hacking group builds new Ketrum malware from recycled backdoors
|BleepingComputer.com – May 26 2020 15:22
|The Ke3chang hacking group historically believed to be operating out of China has developed new malware dubbed Ketrum by merging features and source code from their older Ketrican and Okrum backdoors. […]
|Turla’s ComRAT v4 uses Gmail web UI to receive commands, steal data
|SC Magazine US – May 26 2020 09:44
|Researchers have uncovered version of the ComRat backdoor, one of the Turla Group’s oldest malware families, that distinguishes itself by using Gmail’s web UI to receive commands and nick data. The newly uncovered version of ComRAT, known for stealing…
|Vulnerabilities
|Ongoing Campaigns
Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.