Daily Alert – 03 March 2020
|Heat – Trending Malware and Threat Actors
|Name
|Heat 1
|Heat 7
|Vol 1
|Vol 7
|DoppelPaymer Ransomware
|9
|27
|Nemty Ransomware
|6
|14
|Ryuk Ransomware
|6
|14
|Lazarus Group
|4
|10
|Karkoff
|2
|2
|Dharma Ransomware
|2
|2
|Sodinokibi Ransomware
|3
|12
|GhostCat-3PC Malware
|2
|12
|Maze Ransomware
|3
|13
|APT34
|2
|3
|Data Breaches
|Do you have a data breach response plan?
|Help Net Security – News – Mar 03 2020 05:30
|While corporations today are more knowledgeable about security threats and prepared to respond to data breaches, there are key areas in which progress declined in 2019, according to a study conducted by the Ponemon Institute. Prepare beyond your…
|Ca: SFU reviewing security measures after data breach exposes personal information
|Office of Inadequate Security – Mar 02 2020 23:50
|Katya Slepian reports: Simon Fraser University has been hit by a data breach, a spokesperson said Monday. A spokesperson…
|20 Israelis sue Likud over app breach that led to massive data leak
|Seclists.org – Data Loss – Mar 02 2020 15:43
|Posted by Destry Winant on Mar 02…
|US Railroad Contractor Reports Data Breach After Ransomware Attack
|Seclists.org – Data Loss – Mar 02 2020 15:43
|Posted by Destry Winant on Mar 02…
|Hacker Groups
|[Intelligence Report] Profiling of TA505 Threat Group
|Reverse Engineering – Mar 02 2020 08:06
|submitted by /u/montouesto [link]…
|US Charges And Sanctions Lazarus Group's Chinese Crypto Launderers
|SecurityPhresh – Mar 03 2020 02:01
|Over US$100m in stolen cryptocurrency moved.
|Karkoff 2020: a new APT34 espionage operation involves Lebanon Government
|Security Affairs – Mar 02 2020 19:19
|Experts from Cybaze/ Yoroi Zlab spotted a new sample of the Karkoff implant that was employed in past campaigns associated with Iran-linked APT34 group.
|Poised for a giant leap forward
|SC Magazine US – Mar 02 2020 13:44
|Cybersecurity has enjoyed good health but is an industry itching for innovation and transformation – and the next big thing, Teri Robinson reports. When Neil Armstrong climbed down the ladder on the Apollo 11 lunar module, the Eagle, and toed the…
|Malware
|Nemty Ransomware Punishes Victims by Posting Their Stolen Data
|BleepingComputer.com – Mar 03 2020 00:10
|The Nemty Ransomware is the latest cybercrime operation to create a data leak site to punish victims who refuse to pay ransoms. […]
|Nemty ransomware “LOVE_YOU” malspam campaign
|Security Affairs – Mar 02 2020 08:04
|Security experts uncovered an ongoing campaign delivering Nemty Ransomware via emails disguised as messages from secret lovers. Researchers from Malwarebytes and X-Force IRIS have uncovered an ongoing spam campaign distributing the …
|DoppelPaymer ransomware hits SpaceX, Tesla & Boeing’s parts manufacturer
|HackRead – Mar 02 2020 16:14
|By Deeba Ahmed. According to security researchers, DoppelPaymer Ransomware is a relatively new file-encrypting and data-stealing malware.
|Active Scans for Apache Tomcat Ghostcat Vulnerability Detected, Patch Now
|MalwareTips.com – Mar 02 2020 18:23
|Ongoing scans for Apache Tomcat servers unpatched against the Ghostcat vulnerability that allows potential attackers to take over servers have been detected over the weekend. As cyber threat intelligence firm Bad Packets…
|Vulnerabilities
|March 2nd – Threat Intelligence Bulletin
|Check Point Research – RSS – Mar 02 2020 10:30
|For the latest discoveries in cyber research for the week of March 2nd 2020, please download our …
|9 Vulnerability Management Pitfalls To Avoid
|Information Security Buzz – Mar 02 2020 11:41
|Vulnerability management (VM) can seem unmanageable at times. But the key to successful VM is working smarter rather than harder. If you approach VM intelligently and prioritize appropriately, you can keep the number of resulting tasks from spiraling…
|Vulnerability Summary for the Week of February 24, 2020
|US-CERT Bulletins – Mar 02 2020 13:44
|Original release date: March 2, 2020. The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have…
|5 Cybersecurity Issues to Address in the Asia-Pacific Region
|Palo Alto Networks Blog – Mar 02 2020 14:00
|As technology develops, the cybersecurity industry faces shifting challenges and opportunities. As a global cybersecurity company, we’re always working to identify key areas of focus for different regions. Here are some of the major cybersecurity…
|Ongoing Campaigns
|The hottest topic: Ransomware
|SC Magazine US – Mar 02 2020 13:44
|The attacks that transpired last year alone arguably made ransomware the hot topic of the year and most likely a leading contender for 2020, as well, but a new element that cropped up late last year – attackers adding a layer of blackmail to the threat…
|This phishing email contains a password-protected file. Don’t open it.
|ZDNet Security – Mar 02 2020 13:06
|Researchers at Palo Alto Networks detail a strange new campaign which tricks users with phoney security and compromises networks.
|Windows 10 ActiveX control hacked to execute TrickBot dropper
|SC Magazine UK – Mar 02 2020 13:01
|By Rene Millman. Hackers are exploiting a Windows 10 ActiveX control to download a malware downloader called Ostap, which has been used by TrickBot for delivery of malicious macros as part of a phishing campaign.
