Cyber Alert – 28 April 2020
|Heat – Trending Malware and Threat Actors
|Name
|Heat 1
|Heat 7
|Vol 1
|Vol 7
|Shade Ransomware
|10
|10
|Asnarok Malware
|5
|5
|The0Time
|3
|4
|Remcos RAT
|3
|3
|GhostCat-3PC Malware
|2
|2
|APT41
|2
|8
|Androm Trojan
|1
|1
|Sodinokibi Ransomware
|3
|10
|Hupigon Trojan
|1
|3
|GuLoader
|1
|1
|Data Breaches
|EDP data breach highlights need for cybersecurity
|Seclists.org – Data Loss – Apr 27 2020 14:28
|Posted by Destry Winant on Apr 27 https://www.energydigital.com/utilities/edp-data-breach-highlights-need-cybersecurity EDP, which had a revenue of almost €17.5bn in 2018, is being extorted by cybercriminals for 1,580 BTC (Bitcoin – a value of…
|Cloud data protection: how to secure what you store in the cloud
|Malwarebytes Labs Blog – Apr 27 2020 18:05
|The cloud has become the standard for data storage. Just a few years ago, individuals and businesses pondered whether or not they should move to the cloud. This is now a question of the past. Today, the question isn’t whether to adopt cloud…
|WHO Admits to Leaked Credentials, Says Number of Cyber Attacks Increased Fivefold
|HOTforSecurity – Apr 27 2020 15:02
|…
|5 Questions You Need to Answer for a Better Security Posture
|Security Bloggers Network – Apr 27 2020 15:22
|Cybersecurity isn’t getting any easier. Data breaches are growing in frequency, scope and the level of damage they inflict.…
|Hacker Groups
|Huiying Medical Breached; Source Code for AI-assisted COVID-19 Detection, and Experimental Data of COVID-19 on Sale
|Office of Inadequate Security – Apr 27 2020 16:49
|Cyble reports: Cyble researchers have identified a credible threat actor ‘THE0TIME’ claiming to have gained access…
|Malware
|Shade (Troldesh) ransomware shuts down and releases decryption keys
|Office of Inadequate Security – Apr 27 2020 17:33
|Catalin Cimpanu reports: The operators of the Shade (Troldesh) ransomware have shut down over the weekend and, as a sign of…
|2020-04-24 – Quick post: unusual HTTP traffic from Qakbot-infected host
|Malware-Traffic-Analysis.net – Blog Entries – Apr 28 2020 00:08
|SBA Spoofed in COVID-19 Spam to Deliver Remcos RAT
|Security Intelligence – Apr 27 2020 10:00
|Between late March and mid-April 2020, IBM X-Force Incident Response and Intelligence Services (IRIS) uncovered a phishing campaign targeting small…
|Asnarök malware exploits firewall zero-day to steal credentials
|BleepingComputer.com – Apr 27 2020 15:07
|Some Sophos firewall products were attacked with a new Trojan malware, dubbed Asnarök by researchers at cyber-security firm Sophos, to steal usernames and hashed passwords starting on April 22 according to an official timeline. […]
|Vulnerabilities
|Ongoing Campaigns
|Types of Password Attacks
|LIFARS Blog – Apr 27 2020 13:30
|In the world of the internet, millions of user accounts are created every day and so are their passwords, being an essential medium to access a user account. Strong passwords are considered as the first…
|Anatomy of Formjacking Attacks
|Unit 42 – Palo Alto Networks Blog – Apr 27 2020 23:00
|A detailed look at the fast-growing crime of formjacking, where cybercriminals hack a website to collect sensitive user information and steal credit card numbers.
|Arpspoof Preproc failed
|Seclists.org – Snort – Apr 27 2020 17:43
|Posted by Alius Fr via Snort-sigs on Apr 27 Hi community. I'm new to Snort. I'm trying to set it up for a college's lab. They asked me to install and set up Snort to detect an arpspoof attack. I did what I could but I have no alerts…
|Financial sector is seeing more credential stuffing than DDoS attacks
|ZDNet Security – Apr 27 2020 19:00
|North American financial institutions and banks are targeted the most, primarily because most leaked credentials are from US services.
