Cyber Alert – 31 May 2020

Silobreaker’s Daily Cyber Alert is created and distributed automatically by using our award-winning intelligence product Silobreaker Online.

Heat – Trending Malware and Threat Actors
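| Name | Heat 1 | Heat 7 | Vol 1 | Vol 7 |
|---|---|---|---|---|
| LokiBot Trojan | | | 13 | 15 |
| AZORult Stealer | | | 5 | 10 |
| Winnti Group | | | 2 | 4 |
| Turla Malware | | | 1 | 2 |
| CraftyCockney | | | 1 | 3 |
| TheDarkOverlord | | | 1 | 3 |
| Netwire RAT | | | 1 | 1 |
| Sarwent | | | 1 | 5 |
| Magecart Malware | | | 1 | 1 |
| GuLoader | | | 1 | 4 |
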
Data Breaches
helpnetsecurity – 23% of leading banks had an exposed database with potential data leakage in April – https://t.co/iMF2ZjzZkp -… https://t.co/ourPoczeIJ
helpnetsecurity – Twitter, May 30 2020 16:01
teamcymru – 200K sites with buggy #WordPress plugin exposed to wipe #attacks #infosec https://t.co/W3KOr3BFkw https://t.co/mevwxjarmF
teamcymru – Twitter, May 31 2020 00:19
da_667 – @luisbruno I never visited the ASR usenet, but the quotes and some of the historical stuff (like the BOFH) was some… https://t.co/x1jvxW0S8o
da_667 – Twitter, May 30 2020 17:16
kfalconspb – RT @hunterw: I am in front of the White House on Pennsylvania Avenue. One row of barricades here has been breached with at least twenty fee…
kfalconspb – Twitter, May 30 2020 05:02
Hacker Groups
Cyber_War_News – One down: Nathan Wyatt of thedarkoverlord agrees to plead guilty
Cyber_War_News – Twitter, May 30 2020 14:22
admin wrote a new post, Pakistan stock exchange (The Karachi Stock market & pakstock market) down by Bangladesh Cyber Army
DigitalMunition, May 30 2020 08:00
Pakistan Stock Market under massive cyber attack by Bangladesh Cyber Army (BCA) [╬] The Karachi Stock Market Down by Bangladesh Cyber Army http://kse.com.pk/ [╬] Pakistan Stock Exchange down by Bangladesh Cyber Army http://pakstockexcha…
Dinosn – Minted confirms data breach as Shiny Hunters sell its database https://t.co/8Bjvk6y006
Dinosn – Twitter, May 30 2020 12:15
CyberScoopNews – Taiwan suggests China’s Winnti group is behind ransomware attack on state oil company https://t.co/DjQEVQBCxu
CyberScoopNews – Twitter, May 30 2020 19:14
Malware
NetWalker ransomware gang threatens to release Michigan State University files
Security Affairs, May 30 2020 14:07
Michigan State University is the last victim of the NetWalker ransomware, attackers threaten to leak stolen files if it will not pay the ransom in seven days. …
VK_Intel – RT @rpargman: This is certain to be an outstanding course for malware analysts to increase their skill level. Malware authors are getting b…
VK_Intel – Twitter, May 30 2020 20:49
RT @rpargman: This is certain to be an outstanding course for malware analysts to increase their skill level. Malware authors are getting better and sneakier at hiding from security tools, but no malware is a match for a clever analyst with good…
ZDNet – Toll restoring services following ransomware attack https://t.co/Tcdy62ApPP
ZDNet – Twitter, May 31 2020 03:45
ZDNet – Toll restoring services following ransomware attack https://t.co/qXeFYW8fUp
ZDNet – Twitter, May 30 2020 23:30
Vulnerabilities
StrandHogg is Back and Stronger As a More Sophisticated Vulnerability
CERT-EU Vulnerabilities, Applications, May 30 2020 16:07
Android is vulnerable anew owing it to a new vulnerability which goes by the name of “StrandHogg 2.0” That is right. StrandHogg is back and now has affected numerous Android devices putting over a Billion Android devices in jeopardy. The…
Critical Android flaw lets attackers hijack almost any app, steal data
CERT-EU Vulnerabilities, Applications, May 31 2020 01:38
Researchers have found a critical flaw that affects nearly all devices running Android 9.0 or older, which implies that over 90% of Android users could be vulnerable. If exploited, the security hole allows hackers to hijack almost any app and steal…
Sign in with Apple flaw let attackers take over accounts (Engadget)
CERT-EU Vulnerabilities, Applications, May 31 2020 03:57
“Sign in with Apple” is potentially more private than other login options, but it apparently included a serious security flaw. Researcher Bhavuk Jain recently received a $100,000 bug bounty for discovering (via Hacker News) a flaw in the sign-in…
Security Bulletin: Vulnerability in Apache CXF affects WebSphere Application Server (CVE-2019-12406)
CERT-EU Vulnerabilities, Applications, May 31 2020 01:13
May 30, 2020 8:00 pm EDT | Medium Severity There is a denial of service in the Apache CXF library used by WebSphere Application Server. This has been addressed. May 29, 2020 8:00 pm EDT | Medium Severity There is an unspecified vulnerability…
Ongoing Campaigns
cybersecboardrm – GitHub Supply Chain Attack Uses Octopus Scanner Malware #Cybersecurity #security https://t.co/QK9k4Vc1Bs
cybersecboardrm – Twitter, May 30 2020 21:36
Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.

