Cyber Alert – 31 May 2020
|Heat – Trending Malware and Threat Actors
|Name |Heat 1 |Heat 7 |Vol 1 |Vol 7
|LokiBot Trojan |13 |15
|AZORult Stealer |5 |10
|Winnti Group |2 |4
|Turla Malware |1 |2
|CraftyCockney |1 |3
|TheDarkOverlord |1 |3
|Netwire RAT |1 |1
|Sarwent |1 |5
|Magecart Malware |1 |1
|GuLoader |1 |4
|Data Breaches
23% of leading banks had an exposed database with potential data leakage in April
|helpnetsecurity – Twitter – May 30 2020 16:01
|23% of leading banks had an exposed database with potential data leakage in April – https://www.helpnetsecurity.com/2020/05/27/banks-exposed-database/ – @reposify #cybersecurity #banks #attack_surface #vulnerability #cybersecuritynews…
200K sites with buggy #WordPress plugin exposed to wipe #attacks
|teamcymru – Twitter – May 31 2020 00:19
|200K sites with buggy #WordPress plugin exposed to wipe #attacks #infosec https://bit.ly/3cefEB5 https://twitter.com/teamcymru/status/1266886870178435074/photo/1
I never visited the ASR usenet, but the quotes and some of the historical stuff (like the BOFH) was something I was exposed to early in my career.
|da_667 – Twitter – May 30 2020 17:16
|@luisbruno I never visited the ASR usenet, but the quotes and some of the historical stuff (like the BOFH) was something I was exposed to early in my career.
I am in front of the White House on Pennsylvania Avenue. One row of barricades here has been breached with at least twenty feet of the fencing down. Secret Service are holding the line with riot shields.
|kfalconspb – Twitter – May 30 2020 05:02
|RT @hunterw: I am in front of the White House on Pennsylvania Avenue. One row of barricades here has been breached with at least twenty feet of the fencing down. Secret Service are holding the line with riot shields….
|Hacker Groups
One down: Nathan Wyatt of thedarkoverlord agrees to plead guilty
https://t.co/aZcP15ITa5
|Cyber_War_News – Twitter – May 30 2020 14:22
|One down: Nathan Wyatt of thedarkoverlord agrees to plead guilty
https://www.databreaches.net/one-down-nathan-wyatt-of-thedarkoverlord-agrees-to-plead-guilty/
|admin wrote a new post, Pakistan stock exchange (The Karachi Stock market & pakstock market) down by Bangladesh Cyber Army
|DigitalMunition – May 30 2020 08:00
|Pakistan Stock Market under massive cyber attack by Bangladesh Cyber Army (BCA) [╬] The Karachi Stock Market Down by Bangladesh Cyber Army http://kse.com.pk/ [╬] Pakistan Stock Exchange down by Bangladesh Cyber Army http://pakstockexcha…
Minted confirms data breach as Shiny Hunters sell its database
|Dinosn – Twitter – May 30 2020 12:15
|Minted confirms data breach as Shiny Hunters sell its database https://www.hackread.com/minted-data-breach-shiny-hunters-sell-database/
Taiwan suggests China's Winnti group is behind ransomware attack on state oil company
|CyberScoopNews – Twitter – May 30 2020 19:14
|Taiwan suggests China’s Winnti group is behind ransomware attack on state oil company https://hubs.ly/H0qZMQP0
|Vulnerabilities
|StrandHogg is Back and Stronger As a More Sophisticated Vulnerability
|CERT-EU VulnerabilitiesApplications – May 30 2020 16:07
|Android is vulnerable anew owing to a new vulnerability which goes by the name of “StrandHogg 2.0”. That is right. StrandHogg is back and has now affected numerous Android devices, putting over a billion Android devices in jeopardy. The…
|Critical Android flaw lets attackers hijack almost any app, steal data
|CERT-EU VulnerabilitiesApplications – May 31 2020 01:38
|Researchers have found a critical flaw that affects nearly all devices running Android 9.0 or older, which implies that over 90% of Android users could be vulnerable. If exploited, the security hole allows hackers to hijack almost any app and steal…
|Sign in with Apple flaw let attackers take over accounts (Engadget)
|CERT-EU VulnerabilitiesApplications – May 31 2020 03:57
|“Sign in with Apple” is potentially more private than other login options, but it apparently included a serious security flaw. Researcher Bhavuk Jain recently received a $100,000 bug bounty for discovering (via Hacker News) a flaw in the sign-in…
|Security Bulletin: Vulnerability in Apache CXF affects WebSphere Application Server (CVE-2019-12406)
|CERT-EU VulnerabilitiesApplications – May 31 2020 01:13
|May 30, 2020 8:00 pm EDT | Medium Severity There is a denial of service in the Apache CXF library used by WebSphere Application Server. This has been addressed. May 29, 2020 8:00 pm EDT | Medium Severity There is an unspecified vulnerability…
|Ongoing Campaigns
GitHub Supply Chain Attack Uses Octopus Scanner Malware
|cybersecboardrm – Twitter – May 30 2020 21:36
|GitHub Supply Chain Attack Uses Octopus Scanner Malware #Cybersecurity #security https://www.darkreading.com/vulnerabilities---threats/github-supply-chain-attack-uses-octopus-scanner-malware/d/d-id/1337943
