Daily Alert – 10 March 2020
|Heat – Trending Malware and Threat Actors
|Name |Heat 1 |Heat 7 |Vol 1 |Vol 7
|Ryuk Ransomware |6 |30
|Fluxwire Trojan |2 |5
|APT-C-39 |2 |9
|Wadhrama |1 |1
|sLoad Downloader |1 |1
|GuLoader |1 |2
|Parinacota Group |1 |2
|BitPyLock Ransomware |1 |1
|Brutal Kangaroo (Vault 7) |1 |1
|FlawedAmmyy RAT |1 |1
|Data Breaches
|Passwords still dominant authentication method, top cause of data breaches
|MalwareTips.com – Mar 09 2020 13:20
|Passwords remain the dominant method of authentication and top cause of data breaches, according…
|Infographic: Cyber Attacks and Data Breaches of 2019
|IT Governance Blog – Mar 09 2020 09:00
|Throughout 2019, we kept an eye on cyber attacks and data breaches reported in mainstream publications, releasing our findings in our …
|AMD, boffins clash over chip data-leak claims: New side-channel holes in decade of cores, CPU maker disagrees
|The Register – Mar 09 2020 21:10
|AMD Downplays CPU Threat Opening Chips to Data Leak Attacks
|Threatpost.com – Mar 09 2020 15:41
|New speculative execution attacks have been disclosed in AMD CPUs; however, AMD said that they are not new.
|Hacker Groups
|Human-Operated Ransomware Is a Growing Threat to Businesses: Microsoft
|Security Week – Mar 09 2020 15:39
|Employing techniques usually associated with nation-state threat actors, human-operated ransomware attacks represent a growing threat to businesses, Microsoft warned last week. Different from auto-spreading ransomware, these are hands-on-keyboard…
|Former CIA employee Joshua Schulte was convicted of only minor charges
|Security Affairs – Mar 09 2020 22:14
|Joshua Schulte, the former CIA employee accused of leaking secret agency’s hacking tools to WikiLeaks was…
|Coronavirus, Trump threats, geopolitical campaigns – how they affect your business & what you should do
|SC Magazine US – Mar 09 2020 19:44
|Cybereason’s Nocturnus research team published a report on how it has been tracking an APT group by the name of Molerats. Also known as the ‘Gaza Cyber Gang’, this threat actor is known for espionage campaigns, the latest a highly targeted one against…
|Malware
|Sodinokibi Ransomware operators threaten to leak ‘dirty’ financial data of a company
|Security Affairs – Mar 09 2020 08:00
|Sodinokibi Ransomware operators are threatening to leak a company’s “dirty” financial secrets because they did not pay the ransom. The operators behind the infamous …
|New Variant of TrickBot Being Spread by Word Document
|Fortinet Blog | News and Threat Research – Category: Security Research – Mar 09 2020 07:00
|Discover how this new variant of Trickbot works in a victim's machine, what technologies it uses to perform anti-analysis, and how the payload of TrickBot communicates with its C&C server to download the modules.
|Russian-linked Ryuk ransomware hits Durham, NC
|SiliconANGLE – Mar 10 2020 02:39
|The City of Durham, North Carolina and the County of Durham are the latest victims of a ransomware attack, with services taken offline over the weekend as officials attempted to contain and fix the infection. The attack vector is believed to have…
|Nemty Ransomware Spreads via Love Letter Emails
|Trend Micro – Mar 09 2020 07:27
|Additional Insights by Joel Arvin Merete. Threat actors are distributing Nemty ransomware through a spam campaign using emails that pose as messages from lovers, according to a report by Malwarebytes and X-Force Iris researchers. Trend Micro…
|Vulnerabilities
|Nation-state actors are exploiting CVE-2020-0688 Microsoft Exchange server flaw
|Security Affairs – Mar 09 2020 11:43
|Multiple state-sponsored hacking groups are attempting to exploit a vulnerability recently addressed in Microsoft Exchange email servers. Cybersecurity firm Volexity is warning that nation-state actors are attempting to exploit a vulnerability…
|Microsoft Exchange Server Flaw Exploited in APT Attacks
|Threatpost.com – Mar 09 2020 18:01
|A vulnerability in Microsoft Exchange servers is being actively exploited by multiple APT groups, researchers warn.
|APT Groups Attack Exchange Servers Via Patched Flaw
|Infosecurity – Latest News – Mar 09 2020 09:38
|Multiple likely state-backed APT groups have been detected exploiting a recently patched Microsoft flaw to target Exchange servers. The vulnerability in question, CVE-2020-0688, was…
|Ongoing Campaigns
|Human-Operated Ransomware Is a Growing Threat to Businesses: Microsoft
|Security Week – Mar 09 2020 15:39
|Employing techniques usually associated with nation-state threat actors, human-operated ransomware attacks represent a growing threat to businesses, Microsoft warned last week. Different from auto-spreading ransomware, these are hands-on-keyboard…
|Coronavirus, Trump threats, geopolitical campaigns – how they affect your business & what you should do
|SC Magazine US – Mar 09 2020 19:44
|Cybereason’s Nocturnus research team published a report on how it has been tracking an APT group by the name of Molerats. Also known as the ‘Gaza Cyber Gang’, this threat actor is known for espionage campaigns, the latest a highly targeted one against…
|When it Comes to Email Phishing, Even Sharks Aren’t Safe
|Forcepoint.com – Mar 09 2020 17:45
|Even with all of the awareness and due diligence agencies put in place to try to stay ahead, no one is excluded from these attacks – even Shark Tank millionaire, Barbara Corcoran, who recently lost nearly $400,000 to a phishing email. Corcoran almost…
|9th March – Threat Intelligence Bulletin
|Check Point Research – RSS – Mar 09 2020 14:52
|For the latest discoveries in cyber research for the week of 9th March 2020, please download our Threat Intelligence Bulletin. Top Attacks and Breaches: Global fear of the Corona virus epidemic continues to be exploited…
