Threat Reports

Cyber Alert – 29 July 2020

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact productinfo[at]silobreaker[dot]com for more information.

Heat – Trending Malware and Threat Actors

Name                  Heat 1  Heat 7  Vol 1  Vol 7
VHD Ransomware                           36     40
QSnatch Malware                          27     51
Lazarus Group                            24     57
MATA Malware                             10     25
Ensiko Webshell                           7      7
EMOTET Trojan                            36    168
Shiny Hunters                             8     20
WannaCry Ransomware                       8     16
Equation Group                            3      3
QakBot                                    5     20

Data Breaches
Kubernetes Vulnerability Exposed Internal Services, Possible Cluster Takeover
Reddit – Netsec | Jul 28 2020 16:46
submitted by /u/YuvalAvra
Undetectable Linux Malware Targeting Docker Servers With Exposed APIs
THN : The Hacker News | Jul 28 2020 12:56
Cybersecurity researchers today uncovered a completely undetectable Linux malware that exploits undocumented techniques to stay under the radar and targets publicly accessible Docker servers hosted with popular cloud platforms, including AWS, Azure,…
security_wang – Undetectable Linux Malware Targeting Docker Servers With Exposed APIs https://t.co/iJqZt4HHZI
security_wang – Twitter | Jul 28 2020 14:10
Undetectable Linux Malware Targeting Docker Servers With Exposed APIs http://dlvr.it/RcX7RJ
Dinosn – Undetectable Linux Malware Targeting Docker Servers With Exposed APIs https://t.co/plUxCEI3qd
Dinosn – Twitter | Jul 28 2020 14:01
Undetectable Linux Malware Targeting Docker Servers With Exposed APIs http://feedproxy.google.com/~r/TheHackersNews/~3/Of2qe5V0Wgk/docker-linux-malware.html
Hacker Groups
Lazarus Group Brings APT Tactics to Ransomware
CERT-EU – Latest Articles Ongoing Threats – RSS | Jul 28 2020 22:05
Sorin Mustaca's aggregated IT Security News and articles about information security, vulnerabilities, exploits, patches, releases, software, features, hacks, laws, spam, viruses, malware, breaches. Read the original article: Lazarus Group Brings APT…
kaspersky – The Lazarus threat group uses APT techniques to spread the VHD ransomware. https://t.co/Oypm5CIcFY https://t.co/LpKT8UdQlz
kaspersky – Twitter | Jul 28 2020 20:00
The Lazarus threat group uses APT techniques to spread the VHD ransomware. https://kas.pr/3nzx https://twitter.com/kaspersky/status/1288202658306809856/video/1
Dave ShinyHunters Hack Exposes 7.5 Million User Records
News ≈ Packet Storm | Jul 28 2020 14:40
Sandworm details the group behind the worst cyberattacks in history
Reporter.am | Jul 28 2020 17:37
In today’s Vergecast interview series, Verge editor-in-chief Nilay Patel talks with Wired senior editor Andy Greenberg, author of Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers. As the title explains, Greenberg’s…
Malware
Expert On Malware replaced with GIFs in Emotet hack
Information Security Buzz | Jul 28 2020 10:54
Malware distribution network Emotet has been hacked by a potential threat actor of unknown origin, substituting malware for humorous GIFs. As a result, instead of being hit with malware, users who click on malicious links from Emotet spam have been…
QSnatch malware infected over 62,000 QNAP NAS Devices
Security Affairs | Jul 28 2020 09:03
US and UK cybersecurity agencies issued a joint advisory about the spread of QSnatch Data-Stealing Malware that already infected over 62,000 QNAP NAS devices. The United States Cybersecurity and Infrastructure Security Agency (CISA) and the United…
da_667 – I remember reading up on how SamSam worked. malware infection >mimikatz/other privesc where possible > scan > shit… https://t.co/Zh271ZDwgQ
da_667 – Twitter | Jul 29 2020 05:38
I remember reading up on how SamSam worked. malware infection >mimikatz/other privesc where possible > scan > shit out ransomware via smb exec.
Emotet malware now steals your email attachments to attack contacts
BleepingComputer.com | Jul 28 2020 19:21
The Emotet malware botnet is now also using stolen attachments to increase the authenticity of spam emails attempting to infect targets' systems. […]
Vulnerabilities
CVEnew – CVE-2020-10923 This vulnerability allows network-adjacent attackers to bypass authentication on affected installati… https://t.co/YBnCqklFoQ
CVEnew – Twitter | Jul 28 2020 18:45
CVE-2020-10923 This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists…
Critical – CVE-2020-12812 – An improper authentication vulnerability in SSL…
CERT-EU Vulnerabilities Applications | Jul 28 2020 20:05
An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and below may result in a user being able to log in successfully without being prompted for the second factor of authentication (FortiToken) if they changed…
Kubernetes Vulnerability Puts Clusters at Risk of Takeover (CVE-2020-8558)
CERT-EU Vulnerabilities Applications | Jul 29 2020 04:43
Executive Summary. A security issue assigned CVE-2020-8558 was recently discovered in the kube-proxy, a networking component running on Kubernetes nodes. The issue exposed internal services of Kubernetes nodes, often run without authentication. On…
Security Bulletin: Apache CXF vulnerability identified in IBM Tivoli Application Dependency Discovery Manager (CVE-2020-1954)
CERT-EU Vulnerabilities Applications | Jul 29 2020 00:22
This security bulletin addresses the vulnerability in Open Source Apache CXF that affects IBM Tivoli Application Dependency Discovery Manager. Affected product(s) and affected version(s): IBM Product Security Vulnerabilities. See…
Ongoing Campaigns
Operators of VHD Ransomware Unveiled
Infosecurity – Latest News | Jul 28 2020 18:29
A state-sponsored threat group has created its own ransomware and is using it against large organizations for financial gain. New …
U.S. Election Administrators Failed to Implement Phishing Protections: Study
Security Week | Jul 28 2020 16:18
A majority of election administrators in the United States have yet to implement cybersecurity controls designed to provide protection against phishing attacks, a new Area 1 Security report reveals. Phishing, a type of cyber-attack where the victim is…
Nefilim ransomware operators leaked data allegedly stolen from the Dussmann group
Security Affairs | Jul 28 2020 15:19
Cyble researchers reported that Nefilim ransomware operators allegedly targeted the Dussmann group, the largest German private multi-service provider. Researchers from threat intelligence firm Cyble reported that Nefilim ransomware operators…
EMOTET reemerges after months in hiding
MediaCenter Panda Security | Jul 28 2020 09:40

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
