Daily Alert – 08 January 2020

Silobreaker’s Daily Cyber Alert is created and distributed automatically by using our award-winning intelligence product Silobreaker Online.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
Sodinokibi Ransomware 10 21
Predator The Thief Malware Kit 4 6
SideWinder APT 4 11
Imminent Monitor RAT 3 3
APT35 3 4
Magecart Group 5 14
APT33 3 7
RcSession Malware 2 3
Bronze President 2 3
PlugX Trojan 2 5
Data Breaches
Expert On News: Crypto Exchange Poloniex Forces Password Reset Following Data Breach
Information Security Buzz, Jan 07 2020 11:15
A cryptocurrency exchange has been forced to reset customer passwords after a suspected data leak via social media, although its incident response efforts caused more confusion among some users. US-based exchange Poloniex informed around 1% of its…
Wawa’s data breach hits close to home but reflects global problem
DigitalMunition, Jan 07 2020 10:24
Beginning March 4, names, numbers, and expiration dates on customer credit and/or debit cards were compromised by a cyber hack that installed malware on servers used to process gas pump and in-store transactions at potentially all Wawa locations….
FTC approves settlement with Utah tech company after data breach
Seclists.org – Data Loss, Jan 07 2020 15:36
Posted by Destry Winant on Jan 07…
Unveiling the top hacking methods across industries
DigitalMunition, Jan 07 2020 12:22
Last year, more than half of UK businesses fell victim to cybercriminals and bad actors. The pandora’s box of cybercrime is open, as the worldwide economic impact of cybercrime reached up to US$45 billion in 2018, according to the Internet…
Hacker Groups
MageCart Attackers Steal Card Info from Focus Camera Shoppers
BleepingComputer.com, Jan 07 2020 11:15
The website of popular photography and imaging retailer Focus Camera got hacked late last year by MageCart attackers to inject malicious code that stole customer payment card details. […]
Chinese Cyber-Espionage Group Targeted NGOs for Years
Security Week, Jan 08 2020 06:06
A cyber-espionage group supposedly linked to the Chinese government is targeting non-governmental organizations (NGOs) in South and East Asia, Secureworks has revealed. Referred to as BRONZE PRESIDENT, the group may have been active since at least…
China-based Bronze President APT targets South and East Asia
Security Affairs, Jan 07 2020 11:01
A cyber-espionage group tracked as Bronze President has been targeting countries in South and East Asia, Secureworks experts warn. Researchers at Secureworks’ Counter Threat Unit (…
MageCart gang compromised popular Focus Camera website
Security Affairs, Jan 07 2020 15:52
A new MageCart attack made the headlines, this time the gang compromised the website of popular Focus Camera. The Magecart group has compromised the website of the photography and imaging retailer Focus Camera. The hack took place last year, the…
Malware
Predator the Thief: Analysis of Recent Versions
MalwareTips.com, Jan 07 2020 16:48
FortiGuard Labs has been monitoring a new release of the malware known as Predator the Thief, labeled as version 3.3.4. After our last…
‘Maze’ ransomware threatens data exposure unless $6m ransom paid
ste williams, Jan 07 2020 17:20
What’s the most effective way to fight back against a large ransomware attack? Normally, the answer would be technical or organisational, but a new type of ransomware called Maze seems to have stirred up a very different response in one of its recent…
Maze Ransomware Victim Sues Anonymous Attackers
Seclists.org – Data Loss, Jan 07 2020 15:37
Posted by Destry Winant on Jan 07 https://www.databreachtoday.com/maze-ransomware-victim-sues-anonymous-attackers-a-13574 A Georgia manufacturer that was hit by the Maze ransomware gang is fighting back by suing its attackers even though their…
CVE-2019-11510: Critical Pulse Connect Secure Vulnerability Used in Sodinokibi Ransomware Attacks
Tenable Blog, Jan 07 2020 17:47
Recent rash of ransomware attacks are leveraging an eight-month-old flaw in a popular SSL VPN solution used by large organizations and governments around the world. Background On January 4, security researcher Kevin Beaumont (…
Vulnerabilities
Widely Known Flaws in Pulse Secure VPN and Android Phones Exploited in the Wild to Launch Attacks
Cyware, Jan 07 2020 15:55
The flaw tracked as CVE-2019-1150 affects Pulse Secure VPN and has been rated ‘Highly’ critical. Android phones are affected by a Binder vulnerability tracked as CVE-2019-2215. Targeting unpatched devices or products can wreak havoc worldwide. Lately,…
Malicious app exploiting CVE-2019-2215 zero-day available in Google Play since March
Security Affairs, Jan 07 2020 09:19
Security experts have found a malicious app in the Google Play that exploits the recently patched CVE-2019-2215 zero-day vulnerability. Earlier October, Google Project Zero researchers Maddie Stone publicly disclosed a …
CVE-2019-11510: Critical Pulse Connect Secure Vulnerability Used in Sodinokibi Ransomware Attacks
Tenable Blog, Jan 07 2020 17:47
Recent rash of ransomware attacks are leveraging an eight-month-old flaw in a popular SSL VPN solution used by large organizations and governments around the world. Background On January 4, security researcher Kevin Beaumont (…
Pulse Secure VPN Vulnerability Exploited to Deliver Ransomware
Seclists.org – Data Loss, Jan 07 2020 15:37
Posted by Destry Winant on Jan 07 https://www.securityweek.com/pulse-secure-vpn-vulnerability-exploited-deliver-ransomware A widely known vulnerability affecting an enterprise VPN product from Pulse Secure has been exploited by cybercriminals to…
Ongoing Campaigns
Phishing Emails on the Rise as Spear Phishing Continues to Return Bigger Payouts
DigitalMunition, Jan 07 2020 14:19
New data from Microsoft Security Insights sheds some needed light on exactly what the bad guys are doing and how they’re shifting tactics. Sometimes it feels like the bad guys are attacking from all sides, often making it difficult to determine which…
Iranian Cyber Response to Death of IRGC Head Would Likely Use Reported TTPs and Previous Access
Recorded Future – Blog, Jan 07 2020 17:00
Recorded Future’s Insikt Group® reviewed available information to analyze the likelihood of Iranian response to the killing of Qassem Suleimani. This report serves to provide a compilation of likely tactics, tools, and groups involved in a…
Hackers steal credit card data using malicious images
DigitalMunition, Jan 08 2020 00:20
Recent technological advances have led to new variants of hacking and cyberattack. Over the past two years, information security firm and independent researchers have given special follow-up to one of these new methods, known as steganography attack,…
Web Skimming Attack on Blue Bear Affects School Admin Software Users
Trend Micro, Jan 07 2020 13:27
A web skimming attack was used to target a school administration software that handles school accounting, student fees, and online stores for K-12 and other educational institutions. Active Networks, the parent company of the concerned Blue Bear…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
