Daily Alert – 10 January 2020

Silobreaker’s Daily Cyber Alert is created and distributed automatically by using our award-winning intelligence product Silobreaker Online.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
Trickbot Malware 11 14
Dustman Wiper 5 10
Shamoon Virus 5 14
APT33 5 12
APT34 4 9
Lazarus Group 5 8
AppleJeus Trojan 3 5
ZeroCleare Wiper 3 5
SNAKE Ransomware 3 9
Anchor Malware 3 3

Data Breaches
Chinese tech companies still can’t stop medical data leaks
Office of Inadequate Security, Jan 09 2020 12:37
Eliza Gkritsi follows up on something previously reported on this site based on research by WizCase that they had shared…
Dixons Carphone hit with £500,000 fine after data breach affecting 14 million people
ZDNet Security, Jan 09 2020 17:22
Investigation found malware installed on over 5,000 PoS terminals.
Currys PC World parent firm hit with £500k fine over historic data breach
IT Pro UK, Jan 09 2020 17:59
Hackers said to have stolen data belonging to 14 million customers over a nine-month period
Las Vegas Data Breach Announced Amid Warnings Of Iranian Cyber Threat
Information Security Buzz, Jan 09 2020 14:37
A data breach in Las Vegas comes amid tensions with Iran and a warning from homeland security of quote “potentially disruptive and destructive” Iranian cyber operations. The city released the following statement to News 3: The city of…

Hacker Groups
Lazarus Group Continues to Target Cryptocurrency Holders
TechNadu, Jan 09 2020 11:56
The Lazarus hacking group has released a bunch of new malicious crypto-coin transaction tools. The group continues to focus on macOS users, but still releases Windows versions of its malware too. People are advised to avoid tools named after Cyptian,…
TrickBot Gang Created a Custom Post-Exploitation Framework
MalwareTips.com, Jan 09 2020 12:30
Instead of relying on premade and well-known toolkits, the threat actors behind the TrickBot trojan decided to develop a private post-exploitation toolkit called PowerTrick to spread malware laterally throughout a network. When an attacker gains…
Iranian APT Group Overview
CyberCrime & Doing Time, Jan 10 2020 05:35
Today the Birmingham InfraGard Chapter and the Alabama ISSA held a joint meeting featuring a presentation from the Cybersecurity & Infrastructure Security Administration, part of DHS that was formerly known as the NPPD. I learned of a ton…
More Threat Groups Target Electric Utilities in North America
Security Week, Jan 09 2020 20:18
An increasing number of threat groups have been spotted targeting electric utilities in North America, industrial cybersecurity firm Dragos reported on Thursday. The company has published a new report that describes the threats faced by the electric…

Malware
Predator the Thief
Security Bloggers Network, Jan 09 2020 21:55
Predator the Thief is a stealthy credential stealing malware that focuses on collecting credentials and sensitive information like usernames, passwords, browser data and payment data. Today, the latest versions of this malware can be found…
EXPERT COMMENTS: SNAKE Ransomware Targets Organizations’ Entire Corporate Networks
Information Security Buzz, Jan 09 2020 14:18
In response to the news that SNAKE ransomware is targeting entire corporate networks, expert offers perspective. SNAKE Ransomware is The Next Threat Targeting Business Networks – by @LawrenceAbrams https://t.co/U6b9Pfs0zJ —…
LOKI – Free IOC Scanner
MalwareTips.com, Jan 09 2020 17:50
LOKI is a free and simple IOC scanner, a complete rewrite of main analysis modules of our full featured APT Scanner THOR. IOC stands for "Indicators of Compromise". These indicators can be derived from published incident reports, forensic…
Sodinokibi Ransomware Says Travelex Will Pay, One Way or Another
BleepingComputer.com, Jan 09 2020 17:19
The attackers behind the Sodinokibi Ransomware are applying pressure on Travelex to pay a multi-million dollar ransom by stating they will release or sell stolen data that allegedly contains customer's personal information. […]

Vulnerabilities
Mozilla addresses CVE-2019-17026 Firefox Zero-Day exploited in targeted attacks
Security Affairs, Jan 09 2020 09:41
Mozilla has released security updates for Firefox browser that address a zero-day vulnerability (CVE-2019-17026) that has been exploited in targeted attacks. Mozilla has released security updates for Firefox browser that address a zero-day flaw…
Experts warn of ongoing scans for Citrix servers affected by CVE-2019-19781
Security Affairs, Jan 09 2020 21:34
Threat actors are probing Citrix servers in the attempt to exploit the CVE-2019-19781 remote code execution vulnerability. Security researchers are warning of ongoing scans for Citrix Application Delivery Controller (NetScaler ADC) and Citrix…
Cisco delivers your Patch Tuesday warm-up with WebEx, IOS fixes for a few irritating security holes
DigitalMunition, Jan 10 2020 01:06
Cisco has released a fresh batch of security updates for its networking and comms gear lines. The high-priority patch this month is the fix for CVE-2019-16009, a cross-site request forgery, in the web UI of Cisco IOS and Cisco IOS XE that can be…
Cisco patches multiple vulnerabilities
DigitalMunition, Jan 09 2020 17:25
Cisco released 14 security advisories on January 8 with two being rated as having a potentially high impact and the remainder listed as medium issues. The two rated high are CVE-2019-16005 and CVE-2019-16009. The first is a Cisco Webex video mesh node comm…

Ongoing Campaigns
Iranian hackers hit Bahrain oil company, target US power utilities
SiliconANGLE, Jan 10 2020 02:45
Iranian hackers have successfully hit Bahrain’s national oil company as a new report has found that Iranian state-sponsored hackers have also been targeting U.S. power utilities. The attack in Bahrain targeted oil company Bapco Dec. 29 and is said to…
More Threat Groups Target Electric Utilities in North America
Security Week, Jan 09 2020 20:18
An increasing number of threat groups have been spotted targeting electric utilities in North America, industrial cybersecurity firm Dragos reported on Thursday. The company has published a new report that describes the threats faced by the electric…
What is a false flag? How state-based hackers cover their tracks
CSO Magazine, Jan 09 2020 11:28
False flag definition: A false flag cyberattack is when a hacker or hacking group stages an attack in a way that attempts to fool their victims and the world about who's responsible or what their aims are. The techniques used in this type of attack run…
Iranian APT Group Overview
CyberCrime & Doing Time, Jan 10 2020 05:35
Today the Birmingham InfraGard Chapter and the Alabama ISSA held a joint meeting featuring a presentation from the Cybersecurity & Infrastructure Security Administration, part of DHS that was formerly known as the NPPD. I learned of a ton…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
