Daily Alert – 05 March 2020
Silobreaker’s Daily Cyber Alert is created and distributed automatically by using our award-winning intelligence product Silobreaker Online.
|Heat – Trending Malware and Threat Actors
|Name
|Heat 1
|Heat 7
|Vol 1
|Vol 7
|The Shadow Brokers
|4
|5
|Gaza Cybergang
|4
|5
|APT-C-39
|3
|5
|Fluxwire Trojan
|2
|3
|Spark Malware
|2
|3
|AgentTesla Keylogger
|2
|3
|Ryuk Ransomware
|4
|18
|GhostCat-3PC Malware
|2
|15
|Mailto Ransomware
|2
|3
|The Lamberts
|1
|1
|Data Breaches
|Why is identity and access management so important in preventing data breaches?
|Security Bloggers Network – Mar 04 2020 23:10
|Access Management solutions provide authentication and authorization services and enforce user access policy to a company’s employees and customers across the web, mobile apps, and other digital channels. …
|Cathay Pacific hit with £500,000 fine for customer data breach
|ZDNet Security – Mar 04 2020 15:33
|Information Commissioner's Office said breach was 'particularly concerning' and went undetected between 2014 and 2018.
|Carnival Cruise Line Operator Discloses Potential Data Breach
|BleepingComputer.com – Mar 04 2020 21:14
|The world's largest cruise ship operator Carnival Corporation & plc announced a potential data breach affecting some of its customers after hackers accessed employee email accounts. […]
|Lessons Learned from 2019’s Biggest Data Breaches
|Security Bloggers Network – Mar 04 2020 08:00
|…
|Hacker Groups
|New Cobalt Ulster Malware
|IT Security Guru – Mar 04 2020 10:09
|A new credential-stealing malware, dubbed ForeLord, has been uncovered in a recent spear phishing campaign. Researchers tie the attack to a known advanced persistent threat (APT) group known as Cobalt Ulster. The emails distributing ForeLord were…
|Hacking Group “Molerats” Targets the Governments of Six Countries
|TechNadu – Mar 04 2020 10:48
|The Gaza Strip hackers are engaging in a large-scale campaign with unclear motives. The actors are sending phishing emails that attempt to plant the “Spark” backdoor onto the victim’s system. The attachments are either macro-ridden documents of PDF…
|CIA Hacking unit APT-C-39 hit China since 2008
|Security Affairs – Mar 04 2020 08:20
|Chinese security firm Qihoo 360 revealed that the US CIA has hacked Chinese organizations in various sectors for the last 11 years. Chinese security firm Qihoo 360 is accusing that the US Central Intelligence Agency (CIA) of having hacked Chinese…
|Hamas-Linked Hackers Add Insurance and Retail to Target List
|Security Week – Mar 04 2020 17:36
|MoleRATs, a politically-motivated threat actor apparently linked to the Palestinian terrorist organization Hamas, has expanded its target list to include insurance and retail industries, Palo Alto Networks’ security researchers report. Also referred…
|Malware
|Maze ransomware
|Security Bloggers Network – Mar 04 2020 14:01
|One of the many recurring themes in cybersecurity echoes one of the great mottos in life of “the only thing constant is change.” Ransomware is no exception to this rule, and this is best…
|Scanning For Ghostcat – Expert Reaction
|Information Security Buzz – Mar 04 2020 10:22
|Mass scanning activity of Apache Tomcat servers that have not been patched from the Ghostcat vulnerability has been detected.
|Windows Explorer Used by Mailto Ransomware to Evade Detection
|BleepingComputer.com – Mar 04 2020 17:09
|A newly discovered Mailto (NetWalker) ransomware strain can inject malicious code into the Windows Explorer process so that the malware can evade detection. […]
|Ryuk ransomware hits Fortune 500 company EMCOR
|ZDNet Zero Day Blog – Mar 05 2020 03:25
|Company expects the incident to have an impact on its 2020 earnings, according to its 2019 Q4 financial report.
|Vulnerabilities
|Cisco Patches Remote Code Execution Flaws in Webex Player
|Security Week – Mar 04 2020 21:17
|Cisco has released patches to address more than a dozen vulnerabilities across various products, including two code execution bugs in Webex Player that could be exploited remotely. Tracked as CVE-2020-3127 and CVE-2020-3128 and rated high severity…
|Google addresses over 70 flaws in Android, including a remotely exploitable issue
|Security Affairs – Mar 04 2020 09:50
|Google’s March 2020 security updates for Android address over 70 flaws, including a critical vulnerability that affects the media framework. Google’s March 2020 security updates for Android include the fix for a critical vulnerability, tracked as…
|Measuring Security Risk in a Medical IoT World
|Security Intelligence – Mar 04 2020 11:00
|The medical internet of things (IoT) is no longer a futuristic concept. It is here today, and it includes devices you may have never considered a part of the patient care ecosystem, such as elevators, beds, exit signs and clocks. Between those…
|Coupon Creation Vulnerability Patched In WooCommerce Smart Coupons
|Wordfence – RSS – Mar 04 2020 15:59
|Description: Unauthenticated Coupon Creation Affected Plugin: WooCommerce Smart Coupons Affected Versions: <= 4.6.0 CVSS Score: 5.3 (Medium) CVSS Vector:…
|Ongoing Campaigns
|Hamas-Linked Hackers Add Insurance and Retail to Target List
|Security Week – Mar 04 2020 17:36
|MoleRATs, a politically-motivated threat actor apparently linked to the Palestinian terrorist organization Hamas, has expanded its target list to include insurance and retail industries, Palo Alto Networks’ security researchers report. Also referred…
|Hacking Group “Molerats” Targets the Governments of Six Countries
|TechNadu – Mar 04 2020 10:48
|The Gaza Strip hackers are engaging in a large-scale campaign with unclear motives. The actors are sending phishing emails that attempt to plant the “Spark” backdoor onto the victim’s system. The attachments are either macro-ridden documents of PDF…
|New Cobalt Ulster Malware
|IT Security Guru – Mar 04 2020 10:09
|A new credential-stealing malware, dubbed ForeLord, has been uncovered in a recent spear phishing campaign. Researchers tie the attack to a known advanced persistent threat (APT) group known as Cobalt Ulster. The emails distributing ForeLord were…
|Can your network operator stop your smart washer from airing your dirty laundry?
|SC Magazine US – Mar 04 2020 13:00
|Migration to 5G and the better connectivity it promises has also brought with it an equally burgeoning cybersecurity threat landscape. This, coupled with the proliferation of IoT devices that are fraught with inherent security flaws, means even bigger…
Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.