This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact productinfo[at]silobreaker[dot]com for more information.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
VHD Ransomware 22 61
RedDelta 9 10
Lazarus Group 16 56
Mailto Ransomware 7 7
PlugX Trojan 5 6
MATA Malware 6 30
Karma Panda 4 4
ShadowPad backdoor 4 4
APT27 4 4
EMOTET Trojan 26 158
Data Breaches
Vermont Tax Department exposed 3 years worth of tax return info
BleepingComputer.com – Jul 29 2020 22:10
The Vermont Department of Taxes today disclosed that taxpayers' private information was exposed because of a security issue affecting its online filing site discovered on July 2, 2020. […]
BleepinComputer – Vermont Tax Department exposed 3 years worth of tax return info – @serghei
https://t.co/SwQJHGXosO
BleepinComputer – Twitter – Jul 29 2020 22:10
Vermont Tax Department exposed 3 years worth of tax return info – @serghei
https://www.bleepingcomputer.com/news/security/vermont-tax-department-exposed-3-years-worth-of-tax-return-info/
Athlete Recruiting Software Company Discloses Data Breach 7 Months after Student-Athlete Data is Exposed
HOTforSecurity – Jul 29 2020 05:49
Dinosn – Kubernetes Vulnerability Exposed Internal Services, Possible Cluster Takeover
https://t.co/2cAeqE63w9
Dinosn – Twitter – Jul 29 2020 12:46
Kubernetes Vulnerability Exposed Internal Services, Possible Cluster Takeover
https://unit42.paloaltonetworks.com/cve-2020-8558/
Hacker Groups
StrongPity APT – Revealing Trojanized Tools, Working Hours and Infrastructure
Bitpipe – Jul 30 2020 00:58
StrongPity, also known as Promethium, is a threat group thought to have been active since at least 2012. Attacks attributed to StrongPity are typically government-sponsored and are used for population surveillance and intelligence exfiltration. This…
As the November Election Approaches, Are Newsrooms Ready for Guccifer 3.0?
Editor & Publisher – Jul 29 2020 18:46
Nieman Reports: When a Twitter user named @Guccifer_2 direct messaged reporter Sheera Frenkel in June 2016, offering hacked emails from the Democratic National Committee, she demonstrated an instinct that will be crucial for journalists covering the…
Equation Group is alive and kicking and active in Russia: Group-IB report
Reddit – Intelligence News – RSS – Jul 29 2020 21:54
RedDelta CCP infiltrates The Vatican
MalwareTips.com – Jul 29 2020 17:50
From early May 2020, The Vatican and the Catholic Diocese of Hong Kong were among several Catholic Church-related organizations that were targeted by RedDelta, a Chinese-state sponsored threat activity group tracked by Insikt Group.
Malware
da_667 – I remember reading up on how SamSam worked. malware infection >mimikatz/other privesc where possible > scan > shit… https://t.co/Zh271ZDwgQ
da_667 – Twitter – Jul 29 2020 05:38
I remember reading up on how SamSam worked. malware infection >mimikatz/other privesc where possible > scan > shit out ransomware via smb exec.
Emotet Replaced Trickbot With QakBot Within One Day of Emergence
Cyware – Jul 29 2020 12:24
After a break of more than five months, like old times, Emotet had recently started distributing the same secondary malware – Trickbot. However, it seems that it has found a new partner as a secondary malware – QakBot or QBot, a worm-like strain of…
Dinosn – One of the easiest ways to unpack java malware e.g. Qealler is to use Java agent https://t.co/VCe7bRMBhH
Dinosn – Twitter – Jul 30 2020 03:55
One of the easiest ways to unpack java malware e.g. Qealler is to use Java agent https://www.securityinbits.com/malware-analysis/unpacking/unpacking-pyrogenic-qealler-using-java-agent-part-0x2/
Securityblog – RT @AdliceSoftware: Got infected with Zeus (Zbot) Banker? Follow this step by step guide to get rid of it. Our guide also includes a short…
Securityblog – Twitter – Jul 29 2020 18:11
RT @AdliceSoftware: Got infected with Zeus (Zbot) Banker? Follow this step by step guide to get rid of it. Our guide also includes a short analysis of the malware.
https://www.adlice.com/remove-zeus/
Vulnerabilities
Dinosn – Critical Magento Flaws Allow Code Execution https://t.co/qlsFZ25Mif
Dinosn – Twitter – Jul 30 2020 02:56
Critical Magento Flaws Allow Code Execution https://threatpost.com/critical-magento-flaws-code-execution/157840/
Critical Magento Flaws Allow Code Execution
Threatpost.com – Jul 29 2020 21:22
Adobe has released patches for critical and important-severity flaws in its popular Magento e-commerce platform.
Security Flaws Discovered in OKCupid Dating Service
Dark Reading – Jul 29 2020 21:00
Researchers identified a variety of vulnerabilities in apps and websites for the popular online dating platform.
OkCupid Security Flaw Threatens Intimate Dater Details
Threatpost.com – Jul 29 2020 10:00
Attackers could exploit various flaws in OkCupid's mobile app and webpage to steal victims' sensitive data and even send messages out from their profiles.
Ongoing Campaigns
APT trends report Q2 2020
Securelist – Jul 29 2020 10:02
For more than three years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. The summaries are based on our threat intelligence research and provide a…
North Korea-Linked Lazarus APT is behind the VHD ransomware
Security Affairs – Jul 29 2020 06:42
Security experts from Kaspersky Lab reported that North Korea-linked hackers are attempting to spread a new ransomware strain known as VHD. North Korean-linked …
North Korea-backed hackers dip their toes into the ransomware pool
ArsTechnica – Jul 29 2020 12:01
Lazarus—the North Korean state hacking group behind the WannaCry worm, the theft of $81 million from a Bangladesh bank, and the attacks on Sony Pictures—is looking to expand into the ransomware craze, according to…
North Korean Hackers Operate VHD Ransomware, Kaspersky Says
Security Week – Jul 29 2020 11:17
The VHD ransomware family that emerged earlier this year is the work of North Korea-linked threat actor Lazarus, Kaspersky’s security researchers reveal. Active for more than a decade and believed to be operating on behalf of the North Korean…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.

