Cyber Alert – 29 August 2020
This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact productinfo[at]silobreaker[dot]com for more information.
|Heat – Trending Malware and Threat Actors
|Name
|Heat 1
|Heat 7
|Vol 1
|Vol 7
|APT35
|9
|15
|UltraRank
|9
|20
|TA505
|5
|10
|BlackPass
|4
|4
|TA542
|4
|4
|QakBot
|8
|40
|LokiBot Trojan
|11
|39
|Magecart Group
|5
|16
|BetaBot
|3
|6
|ZeuS Trojan
|2
|2
|Data Breaches
|The “JCrush” Dating App Has Exposed All User Data, Even Messages
|TechNadu – Aug 28 2020 09:18
|JCrush has exposed a great amount of data around its users, both technical and identification details. It appears that only 200,000 out of a total of 1,500,000 users have been exposed, but the set includes “incognito mode” users. The data that was…
|Details on over 350,000 SSL247 customers exposed due to misconfigured AWS bucket
|Information Security Buzz – Aug 28 2020 14:19
|Another week, another misconfigured AWS S3 bucket as security researchers have discovered a misconfigured AWS S3 bucket exposing sensitive files related to SSL247, a reseller of internet security products. The leaky database exposed the personal…
|More Ransomware Gangs Threaten Victims With Data Leaking
|Office of Inadequate Security – Aug 28 2020 23:58
|Mathew J. Schwartz reports: Ransomware gangs are increasingly not just claiming that they’ll leak stolen data from…
|securityaffairs – 350 million decrypted email addresses left exposed on an unsecured server
https://t.co/1MVl0e5gN6
#securityaffairs #hacking #dataleak
|securityaffairs – Twitter – Aug 28 2020 08:06
|350 million decrypted email addresses left exposed on an unsecured server
|Hacker Groups
|DeathStalker APT Attacked SMBs with Cyber Espionage Tools
|Cyware – Aug 28 2020 12:24
|Recently, Kaspersky researchers discovered DeathStalker APT, a sophisticated hacker-for-hire group, launching large-scale commercial cyber-espionage campaigns against targets spread from Europe to Latin America. DeathStalker, the mercenary Active…
|UltraRank hackers steal credit cards from hundreds of stores
|BleepingComputer.com – Aug 28 2020 14:11
|A cybercriminal group specialized in infecting online shops to steal payment card data is responsible for compromising almost 700 websites and more than a dozen third-party service providers. […]
|TA542 Returns With Emotet: What’s Different Now
|TerabitWeb Blog – RSS – Aug 28 2020 17:16
|Original Post from Dark Reading Author: Dark Reading Staff Researchers report the TA542 threat group…
|Transparent Tribe APT group targeting 30 countries with Android spyware; India among most hit: Kaspersky
|TimesNowNews.com – Aug 28 2020 15:19
|Transparent Tribe advanced persistent threat group has targeted almost 30 countries in one year with Android spyware. Key highlights: Transparent Tribe APT group has been on the prowl since 2013. It has targeted almost 30 countries in…
|Malware
|Gozi: The Malware with a Thousand Faces
|Check Point Research – RSS – Aug 28 2020 09:57
|1. Introduction Most of the time, the relationship between cybercrime campaigns and malware strains is simple. Some malware strains, like the gone-but-not-forgotten GandCrab, are intimately tied to a single actor, who is using the malware directly…
|Ransomware Red Flags: 7 Signs You’re About to Get Hit
|Dark Reading – All Stories – Aug 28 2020 15:00
|Caught off guard by a ransomware attack? Security experts say the warning signs were there all along.
|Vulnerabilities
|Dinosn – Flaws expose DVB-T2 set-top boxes to botnet & ransomware attacks https://t.co/maS1JkzWNI
|Dinosn – Twitter – Aug 29 2020 03:58
|Flaws expose DVB-T2 set-top boxes to botnet & ransomware attacks https://www.hackread.com/flaws-dvb-t2-set-top-boxes-botnet-ransomware-attacks/
|Flaws expose DVB-T2 set-top boxes to botnet & ransomware attacks
|HackRead – Aug 28 2020 15:33
|By Sudais Asif Two popular DVD top-set boxes are vulnerable to both botnet and ransomware attacks. This is a post from HackRead.com Read the original post: …
|cybersecboardrm – Flaws expose DVB-T2 set-top boxes to botnet & ransomware attacks #Cybersecurity #ransomware #security https://t.co/3BuG6BeWyT
|cybersecboardrm – Twitter – Aug 28 2020 18:52
|Flaws expose DVB-T2 set-top boxes to botnet & ransomware attacks #Cybersecurity #ransomware #security https://www.hackread.com/flaws-dvb-t2-set-top-boxes-botnet-ransomware-attacks/
|Vulnerability reporting is returning to normal
|Help Net Security – News – Aug 28 2020 05:00
|Vulnerability reporting, still impacted by COVID-19, is beginning to return to normal, Risk Based Security reveals. Out of 11,121 vulnerabilities aggregated during the first half of 2020, 818 were the result of the Vulnerability Fujiwhara Effect,…
|Ongoing Campaigns
|SourMint API Could be Used to Target iOS Users via Supply Chain Attacks
|Cyware – Aug 28 2020 12:24
|Supply chain attacks are gradually picking up momentum among several attackers as a means to reaching out to their ultimate objectives via attacking intermediary targets. Recently, a Chinese company involved in iOS software development was exposed…
|Lemon_Duck cryptomining malware evolves to target Linux devices
|Security Affairs – Aug 28 2020 09:06
|A new variant of the infamous Lemon_Duck cryptomining malware has been updated to target Linux devices. Security researchers from Sophos have spotted a new variant of the …
|Iran-linked Charming Kitten APT contacts targets via WhatsApp, LinkedIn
|Security Affairs – Aug 28 2020 15:33
|The Iran-linked Charming Kitten APT group leveraged on WhatsApp and LinkedIn to carry out phishing attacks, researchers warn. Clearsky security researchers revealed that Iran-linked …
|Nefilim Operators Playing it Big
|Cyware – Aug 28 2020 18:24
|Nefilim ransomware, first discovered in March 2020, shares much of its code with NEMTY 2.5 REVENGE ransomware. Earlier this month, the Nefilim ransomware group claimed to infiltrate the networks of the SPIE group, a European multi-technical service…
Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.