Daily Alert – 11 January 2020

Silobreaker’s Daily Cyber Alert is created and distributed automatically by using our award-winning intelligence product Silobreaker Online.

Heat – Trending Malware and Threat Actors
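| Name | Heat 1 | Heat 7 | Vol 1 | Vol 7 |
| --- | --- | --- | --- | --- |
| Sodinokibi Ransomware | | | 17 | 52 |
| LokiBot Trojan | | | 5 | 8 |
| PowerTrick | | | 5 | 15 |
| The Joker Malware | | | 4 | 5 |
| Trickbot Malware | | | 7 | 20 |
| AZORult Stealer | | | 4 | 7 |
| Dharma Ransomware | | | 2 | 2 |
| Phobos Ransomware | | | 2 | 2 |
| APT33 | | | 3 | 14 |
| CrySiS Ransomware | | | 2 | 2 |
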
Data Breaches
You’ve been hit by a data breach – now what?
Seclists.org – Data Loss, Jan 10 2020 15:30
Posted by Destry Winant on Jan 10 https://www.techradar.com/news/youve-been-hit-by-a-data-breach-now-what Although we’re told to prepare for the worst, very few of us do. Most of us tend to approach worst-case scenarios with the same mindset. No o…
Man jailed for using data breach info leaks to claim over $12 million in IRS tax refunds
ZDNet Security, Jan 10 2020 11:57
Information leaked due to data breaches was used to file fraudulent tax returns.
Lessons Learned From Managing One Of The Largest Data Breaches In U.S. History, Part Two
Forbes – Cybersecurity RSS, Jan 10 2020 11:40
You and your team are central to safeguarding your organization’s reputation and the driving force to its path to recovery. How do you go about it?
Data Breaches – W/E – 1/10/20
Tech-Wreck InfoSec Blog, Jan 10 2020 14:07
Database Left Wide Open Exposed 976 Million Honda Records (12/23/2019) Security researcher Bob Diachenko notified Honda's…
Hacker Groups
Dymalloy, Electrum, and Xenotime Hacking Groups Set Their Targets on US Energy Sector
Trend Micro, Jan 10 2020 13:28
At least three hacking groups have been identified aiming to interfere with or disrupt power grids across the United States. Attempts in attacking the utilities industry are on the rise, according to a report on the state of industrial control…
Iran-Sponsored Hackers Might Be Probing U.S. Electric Sector
HOTforSecurity, Jan 10 2020 13:12
Oil-and-Gas APT From Magnallium Pivots To U.S. Power Plants
News ≈ Packet Storm, Jan 10 2020 15:30
Lazarus group’s ‘AppleJesus’ sequel targets cryptocurrency traders
SC Magazine UK, Jan 10 2020 13:47
Threat actor Lazarus Group launched sequel of its AppleJeus operation, creating fake cryptocurrency-related websites to sow malware in the systems of those who fell for the ruse. Cryptocurrency has been the favourite ground for internet…
Malware
REvil Ransomware: “Pay Us One Way Or The Other!”
DigitalMunition, Jan 10 2020 18:34
The Wall Street Journal and Bleeping Computer reported that Travelex, a foreign-currency exchange company, was hit by the ReVil/Sodinokibi actors on New Year's Eve and that its network data was encrypted and their customers were unable to take…
Threat spotlight: Phobos ransomware lives up to its name
Malwarebytes Unpacked, Jan 10 2020 18:04
Ransomware has struck dead on organizations since it became a mainstream tool in cybercriminals’ belts years ago. From massive …
Google details its fight against the Bread (Joker) malware operation
ZDNet Zero Day Blog, Jan 10 2020 10:10
Google says it removed more than 1,700 Android apps infected with Bread (Joker) malware since 2017.
Ako Ransomware: Another Day, Another Infection Attacking Businesses
BleepingComputer.com, Jan 10 2020 11:00
Like moths to a flame, new ransomware targeting businesses keep appearing every day as they are enticed by the prospects of million-dollar ransom payments. An example of this is a new ransomware called Ako that is targeting the entire network rather…
Vulnerabilities
CVE-2019-19781: Exploit Scripts for Remote Code Execution Vulnerability in Citrix ADC and Gateway Available
Tenable Blog, Jan 11 2020 02:49
Attackers are actively probing for vulnerable Citrix Application Delivery Controller (ADC) and Gateway hosts, while multiple proof-of-concept scripts are released, emphasizing the importance of mitigating this flaw immediately. Background On…
CISA warns that Pulse Secure VPN issue CVE-2019-11510 is still exploited
Security Affairs, Jan 11 2020 06:57
The US DHS CISA agency is warning organizations that threat actors continue to exploit the CVE-2019-11510 Pulse Secure VPN vulnerability. The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) is…
Multiple TikTok Vulnerabilities Could Access, Exploit, Or Delete Users’ Data
DigitalMunition, Jan 11 2020 02:35
Social media craze TikTok has now made it to the news owing to security issues. Researchers have found numerous vulnerabilities in the TikTok app that could risk users’ security. Exploiting the bugs could allow an attacker to add or delete users’…
Hackers Scan for Vulnerable Citrix ADC Systems
Security Week, Jan 10 2020 07:07
Weeks after impacting its Application Delivery Controller (ADC) and Gateway products, hackers have started to scan the Internet for vulnerable systems, security researchers report. Tracked as CVE-2019-19781 and featuring a CVSS score of 9.8, the…
Ongoing Campaigns
Trickbot gang uses fileless backdoor on high-value targets
SC Magazine UK, Jan 10 2020 13:47
A Russian cyber-crime gang has developed a new hacking tool called PowerTrick in a bid to move around target networks undetected.
Cyber News Rundown: Snake Ransomware
Webroot Threat Blog, Jan 10 2020 13:00
Snake Ransomware Slithers Through Networks: A new ransomware variant, dubbed “Snake,” has been found using more sophisticated obfuscation while targeting entire networks, rather than only one machine. In addition, Snake will…
Dymalloy, Electrum, and Xenotime Hacking Groups Set Their Targets on US Energy Sector
Trend Micro, Jan 10 2020 13:28
At least three hacking groups have been identified aiming to interfere with or disrupt power grids across the United States. Attempts in attacking the utilities industry are on the rise, according to a report on the state of industrial control…
Is Juice Jacking a Legitimate Threat or Nothing to Worry About?
Security Intelligence, Jan 10 2020 11:30
Here’s another risk to add to the many issues that business travelers and their…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.