Silobreaker

Threat Reports

Cyber Alert – 28 April 2020

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
Shade Ransomware 10 10
Asnarok Malware 5 5
The0Time 3 4
Remcos RAT 3 3
GhostCat-3PC Malware 2 2
APT41 2 8
Androm Trojan 1 1
Sodinokibi Ransomware 3 10
Hupigon Trojan 1 3
GuLoader 1 1
Data Breaches
EDP data breach highlights need for cybersecurity
Seclists.org – Data Loss, Apr 27 2020 14:28
Posted by Destry Winant on Apr 27 https://www.energydigital.com/utilities/edp-data-breach-highlights-need-cybersecurity EDP, which had a revenue of almost €17.5bn in 2018, is being extorted by cybercriminals for 1,580 BTC (Bitcoin – a value of…
Cloud data protection: how to secure what you store in the cloud
Malwarebytes Labs Blog, Apr 27 2020 18:05
The cloud has become the standard for data storage. Just a few years ago, individuals and businesses pondered whether or not they should move to the cloud. This is now a question of the past. Today, the question isn’t whether to adopt cloud…
WHO Admits to Leaked Credentials, Says Number of Cyber Attacks Increased Fivefold
HOTforSecurity, Apr 27 2020 15:02
5 Questions You Need to Answer for a Better Security Posture
Security Bloggers Network, Apr 27 2020 15:22
Cybersecurity isn’t getting any easier. Data breaches are growing in frequency, scope and the level of damage they inflict.…
Hacker Groups
Huiying Medical Breached; Source Code for AI-assisted COVID-19 Detection, and Experimental Data of COVID-19 on Sale
Office of Inadequate Security, Apr 27 2020 16:49
Cyble reports: Cyble researchers have identified a credible threat actor ‘THE0TIME’ claiming to have gained access…
Malware
Shade (Troldesh) ransomware shuts down and releases decryption keys
Office of Inadequate Security, Apr 27 2020 17:33
Catalin Cimpanu reports: The operators of the Shade (Troldesh) ransomware have shut down over the weekend and, as a sign of…
2020-04-24 – Quick post: unusual HTTP traffic from Qakbot-infected host
Malware-Traffic-Analysis.net – Blog Entries, Apr 28 2020 00:08
SBA Spoofed in COVID-19 Spam to Deliver Remcos RAT
Security Intelligence, Apr 27 2020 10:00
Between late March and mid-April 2020, IBM X-Force Incident Response and Intelligence Services (IRIS) uncovered a phishing campaign targeting small…
Asnarök malware exploits firewall zero-day to steal credentials
BleepingComputer.com, Apr 27 2020 15:07
Some Sophos firewall products were attacked with a new Trojan malware, dubbed Asnarök by researchers at cyber-security firm Sophos, to steal usernames and hashed passwords starting on April 22 according to an official timeline. […]
Vulnerabilities
Ongoing Campaigns
Types of Password Attacks
LIFARS Blog, Apr 27 2020 13:30
In the world of the internet, millions of user accounts are created every day and so are their passwords, being an essential medium to access a user account. Strong passwords are considered as the first…
Anatomy of Formjacking Attacks
Unit 42 – Palo Alto Networks Blog, Apr 27 2020 23:00
A detailed look at the fast-growing crime of formjacking, where cybercriminals hack a website to collect sensitive user information and steal credit card numbers.
Arpspoof Preproc failed
Seclists.org – Snort, Apr 27 2020 17:43
Posted by Alius Fr via Snort-sigs on Apr 27 Hi community. I'm new to Snort. I'm trying to set it up for a college's lab. They asked me to install and set up Snort to detect an arpspoof attack. I did what I could but I have no alerts…
Financial sector is seeing more credential stuffing than DDoS attacks
ZDNet Security, Apr 27 2020 19:00
North American financial institutions and banks are targeted the most, primarily because most leaked credentials are from US services.

