29 September 2020

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
Ryuk Ransomware 29 35
FinSpy 10 49
Sodinokibi Ransomware 11 21
Stuxnet 5 9
Equation Group 4 4
BLM Ransomware 5 16
Trickbot Malware 6 20
SideCopy 2 3
AgeLocker Ransomware 2 9
Mount Locker Ransomware 2 17
Data Breaches
Airbnb glitch exposed hosts’ personal data
IT Pro UK – Sep 28 2020 12:48
Airbnb hosts may have had their personal data, including addresses and the codes to rental homes, exposed to other users. Last week, users of the popular holiday rental marketplace platform flagged the issue that saw them redirected to another…

Twitter Warns Developers of API Bug That Exposed App Keys, Tokens
Threatpost.com – Sep 28 2020 15:15
Twitter has fixed a caching issue that could have exposed developers' API keys and tokens.

cybersecboardrm – Twitter – Sep 28 2020 11:42
Personal data of 600,000 customers of U.S. fitness chain exposed Online #Cybersecurity #fitness #security https://www.hackread.com/us-fitness-chain-customers-data-exposed-online/

Personal data of 600,000 customers of U.S. fitness chain exposed Online
HackRead – Sep 28 2020 09:56
By Waqas. An unprotected database containing private data of Town Sports’ employees and members was leaked on the internet.

Hacker Groups
Pakistan Hackers Helping China in Suspected Operation Sidecopy Cyber Attacks on India
News18.com – Sep 28 2020 11:29
Researchers at Seqrite have reported to the Indian government a cyber attack campaign routed by Pakistani hackers, suspected to be aided by China, with the aim of stealing critical data by targeting key personnel in India’s Defence force. A suspected…

The KuCoin Hacker is About to Sell Stolen Chainlink; Why Analysts Aren’t Concerned
Reddit – CryptoMarkets – Sep 29 2020 00:14
submitted by /u/bitcointothemoon_

TikTok’s 11th-hour reprieve. Gadolinium takedown. UK acknowledges cyber offensive capability. DDoS in Hungary. REvil recruits.
The CyberWire – Sep 28 2020 15:07
The US District Court for the District of Columbia yesterday granted a nationwide preliminary injunction stopping the US ban on TikTok transactions. Fortune notes that the judge left the November deadline for TikTok's sale in place. Microsoft has…

Metacurity – Twitter – Sep 28 2020 19:25
Pakistan Hackers Helping China in Suspected Operation Sidecopy Cyber Attacks on India https://www.news18.com/news/tech/pakistan-hackers-helping-china-in-suspected-operation-sidecopy-cyber-attacks-on-india-2916023.html

Malware
mikko – Twitter – Sep 28 2020 15:33
When the pandemic started, several ransomware gangs said publicly that they would not attack hospitals. Ryuk’s operators did not.

Ransomware is your biggest problem on the web. This huge change could be the answer
ZDNet Security – Sep 28 2020 11:02
Making it illegal for companies to pay up when hit with ransomware could finally halt the 'scourge of the internet'.

UHS hospitals hit by Ryuk ransomware attack
Security Affairs – Sep 28 2020 18:01
Universal Health Services (UHS) healthcare providers have reportedly shut down systems at healthcare facilities after a Ryuk ransomware attack. Universal Health Services (UHS),…

“REvil” Displays Power and Size With $1 Million Deposit on Forum
TechNadu – Sep 28 2020 10:03
REvil has deposited a jaw-dropping amount of money to state their case on a dark web forum. The notorious ransomware group is looking to expand even more by recruiting new promoters and testers. One million USD is nothing for REvil, as they clearly…

Vulnerabilities
CVEnew – Twitter – Sep 29 2020 00:45
CVE-2020-25773 A vulnerability in the Trend Micro Apex One ServerMigrationTool component could allow an attacker to execute arbitrary code on affected products. User interaction is required to exploit this vulnerability in that the target must import…

Are injection flaws the Bohemian Rhapsody of cybersecurity?
The Register – Security – Sep 28 2020 06:00
Get ready for this year’s OWASP Top 10 with us and F5. Webcast: Whether you’re into cybersecurity or application development, you probably also like lists, which means you probably love the OWASP Top 10.…

CISA Warns of Hackers Exploiting Zerologon Vulnerability
Security Week – Sep 28 2020 14:18
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert to warn of attackers actively targeting a recently addressed vulnerability in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC). Dubbed Zerologon, the security…

CVEnew – Twitter – Sep 29 2020 00:45
CVE-2020-24563 A vulnerability in Trend Micro Apex One may allow a local attacker to manipulate the process of the security agent unload option (if configured), which then could be manipulated to gain a privilege escalation and code execution. An…

Ongoing Campaigns
Alien RAT with 2FA-Stealing Technique
Cyware – Sep 28 2020 12:36
A new variant of Cerberus malware, which is available for rent on underground forums since January, has been found invading Android devices and targeting more than 200 applications. What has happened? According to a ThreatFabric research, the newly…

DDoS Attacks Get Amplified, Extortion Threats and Bit-and-Piece Attacks Rise
Cyware – Sep 28 2020 06:36
In the continuing evolution of cyber threats, a new wave of DDoS attacks is scaring targeted corporates into paying ransoms. Additionally, there has been a significant shift in attack patterns as attackers blend different types of DDoS attacks for…

QNAP warns for AgeLocker Ransomware
MalwareTips.com – Sep 28 2020 10:09
Summary: The AgeLocker Ransomware has been reported to target QNAP NAS, Linux, and macOS devices. This new ransomware attempts to encrypt the files of victims by using the “Age” encryption tool. QNAP Product Security Incident Response Team (PSIRT) has…

FBI Warns: Credential Stuffing Attacks on the Rise
BankInfoSecurity – Sep 28 2020 21:16
Stolen Credentials, Lack of MFA Leading to Millions in…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
