Daily Alert – 01 March 2020
|Heat – Trending Malware and Threat Actors
|Name |Heat 1 |Heat 7 |Vol 1 |Vol 7
|tonyredball |1 |2
|solarsalvador1234 |1 |2
|BitPyLock Ransomware |1 |1
|Ostap Downloader |1 |4
|GhostCat-3PC Malware |1 |9
|Nemty Ransomware |1 |8
|Sodinokibi Ransomware |1 |8
|Maze Ransomware |1 |11
|Lazarus Group |1 |8
|Trickbot Malware |2 |13
|Data Breaches
|US Railroad Contractor Reports Data Breach After Ransomware Attack
|Office of Inadequate Security – Feb 29 2020 11:01
|Sergiu Gatlan reports: RailWorks Corporation, one of North America’s leading railroad track and transit system providers,…
|BGR India’s data hacked, shared on hacking forum: Report
|DataBreaches.net – Feb 29 2020 11:00
|IANS reports: Hackers have reportedly compromised tech company BGR’s (Boy Genius Report) India website and dumped its data containing emails, hashed passwords and other information on the Dark Web. According to data breach monitoring service ‘Under…
|Hacker Groups
|Episode 68: More Plugin Vulnerabilities and Active Attack Campaigns
|Wordfence – RSS – Feb 29 2020 16:43
|This week, we review numerous plugin vulnerabilities in popular WordPress plugins and the attacks that are targeting them. We also review the Duplicator vulnerability affecting over 1 million sites, and Chloe Chamberland’s discovery of…
|Malware
|Sodinokibi Ransomware gang threatens to disclose data from Kenneth Cole fashion firm
|Security Affairs – Feb 29 2020 22:44
|Not only Maze ransomware gang, the operators behind Sodinokibi Ransomware allegedly leaked the data of Kenneth Cole Productions. The operators behind …
|Meet the white-hat group fighting Emotet, the world’s most dangerous malware
|ZDNet Zero Day Blog – Feb 29 2020 08:00
|A private group of 20+ security researchers and system administrators have been waging a silent war against Emotet, today's most dangerous malware operation.
|New Trickbot Delivery Method Focuses on Windows 10
|MalwareTips.com – Feb 29 2020 09:32
|Researchers have identified the use of Windows 10 functionality to automatically execute the OSTAP JavaScript downloader on victim machines. In their investigation, they found other attack groups abusing the same control, and earlier controls, with a…
|Patch your Tomcat and JBoss instances to protect from GhostCat vulnerability (CVE-2020–1938 and…
|Security Bloggers Network – Feb 29 2020 18:16
|Patch your Tomcat and JBoss instances to protect from GhostCat vulnerability (CVE-2020–1938 and CNVD-2020–10487) Credits :…
|Vulnerabilities
|Crooks are attempting to take over tens of thousands of WordPress sites
|Security Affairs – Feb 29 2020 16:15
|Threat actors are launching a hacking campaign aimed at taking over tens of thousands of WordPress sites by exploiting critical vulnerabilities. One of the issues exploited in the attacks is a zero-day vulnerability that affects several plugins and…
|Latest Nvidia GPU Driver Update Fixes High and Medium Severity Flaws
|TechNadu – Feb 29 2020 10:19
|Two flaws in the Nvidia Control Panel component could result in DoS and sensitive info exfiltration. Nvidia has pushed fixes for Windows, but some Tesla products will have to wait until March to get them. One of the vulnerabilities requires local access…
|Ongoing Campaigns
|FBI Warned Of Fraudster’s Paradise: Up To 130,000 Hacked Asus Routers On Sale For A Few Dollars
|Office of Inadequate Security – Feb 29 2020 11:01
|Thomas Brewster reports: The FBI has been tipped off about a novel cybercriminal operation in which a hacker managed not…
