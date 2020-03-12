Daily Alert – 12 March 2020
|Heat – Trending Malware and Threat Actors
|Name
|Heat 1
|Heat 7
|Vol 1
|Vol 7
|WannaCry Ransomware
|8
|13
|Raccoon Malware
|3
|4
|Magecart Group
|3
|5
|NotPetya Ransomware
|4
|7
|Hancitor
|2
|2
|njRAT Malware
|2
|8
|AgentTesla Keylogger
|2
|2
|Ryuk Ransomware
|5
|32
|Dridex Malware
|2
|9
|AZORult Stealer
|2
|4
|Data Breaches
|How to prevent the data breach that keeps on happening
|Security Bloggers Network – Mar 11 2020 08:08
|Secret-sharing app Whisper shared secrets like last known location and actual password tokens in exposed database
|ste williams – Mar 11 2020 14:58
|Whisper, a mobile app for sharing those thoughts you’d rather not make public, turns out to be better at sharing secrets than keeping them, spilling a whopping 90 metadata fields associated with users in an exposed database. The app, launched…
|Experts On Report: 60% Of Data Breaches Caused By Human Error
|Information Security Buzz – Mar 11 2020 12:11
|A new report out of the UK shows that 60% of data breaches were caused by human error according to research firm Gallagher as reported by Infosecurity. The ISBuzz Post: This Post …
|University of Hertfordshire avoids data breach action by UK watchdog
|ZDNet Zero Day Blog – Mar 11 2020 08:58
|The ICO is taking no further action despite student information being inappropriately shared.
|Hacker Groups
|Why CSP Isn’t Enough to Stop Magecart-Like Attacks
|ste williams – Mar 11 2020 14:58
|As Magecart and formjacking attacks become more sophisticated, it’s essential to address not only what services may interact with users, but what that interaction looks like and how to control it. 2019 left enterprises scrambling for security…
|Windows has a new wormable vulnerability, and there’s no patch in sight
|ArsTechnica – Mar 11 2020 12:10
|Enlarge Michael Theis / Flickr Word leaked out on Tuesday of a new vulnerability in recent versions of Windows that has the potential to unleash the kind of self-replicating attacks that allowed the WannaCry and NotPetya worms to cripple business…
|Growing VPN Exploitation Is Cause For Concern
|Infosecurity – Blog – Mar 11 2020 13:29
|Growing VPN Exploitation Is Cause For Concern Conventional wisdom says that initial access is often a phishing attack, and that is often the case, but there is a growing trend where compromise…
|Malware
|Server attack with [charlesetta.embody@aol.com].Dever ransomware
|MalwareTips.com – Mar 11 2020 22:06
|Hello, unfortunately I found my server with all files encrypted with [charlesetta.embody@aol.com].Dever extension in their name. Does anybody know if there is any possibility to decrypt them? Thankyou in advance for your answers.
|MedusaLocker Leaves No Network Drive Safe
|Security Bloggers Network – Mar 12 2020 06:00
|Friend’s girlfriend sextortion scam infects PCs with Raccoon malware
|HackRead – Mar 11 2020 16:30
|Friend's girlfriend sextortion scam infects PCs with Raccoon malware Home » Cyber Crime » Friend’s girlfriend sextortion scam infects PCs with Raccoon malware
|2020-03-11 – Pcap and malware for an ISC diary (Hancitor)
|Malware-Traffic-Analysis.net – Blog Entries – Mar 12 2020 02:07
|Vulnerabilities
|Patch Tuesday Fixes Over 100 Bugs This Month
|Infosecurity – Latest News – Mar 11 2020 10:30
|Patch Tuesday Fixes Over 100 Bugs This Month Microsoft has issued one of the biggest security updates of recent years with a Patch Tuesday that fixes 115 unique CVEs, including 26 critical flaws. The majority of these are found in Windows (79…
|RCE in popular ThemeREX WordPress Plugin has been actively exploited
|Security Affairs – Mar 11 2020 21:27
|The WordPress plugin ‘ThemeREX Addons’ is affected by a critical vulnerability that could allow remote attackers to execute arbitrary code. A critical vulnerability in the WordPress plugin known as ThemeREX Addons could be exploited for remote code…
|February 2020’s Most Wanted Malware: Increase in Exploits Spreading the Mirai Botnet to IoT Devices
|Check Point – Mar 11 2020 11:00
|Check Point Research also reports that Emotet has been spreading via new SMS phishing Campaign Our latest Global Threat Index for February 2020 shows a large increase in exploitation of a vulnerability to spread the Mirai botnet, which is notorious…
|Ongoing Campaigns
|Modern RAM used for computers, smartphones still vulnerable to Rowhammer attacks
|MalwareTips.com – Mar 11 2020 13:15
|According to new research published today, modern RAM cards are still vulnerable to Rowhammer attacks despite extensive mitigations that have been deployed by manufacturers over the past six years. These mitigations, collectively referred to as Target…
|Blacklists Miss 21% of Phishing Attacks, Internet Traffic Reveals
|ste williams – Mar 11 2020 20:58
|Visibility into phishing attacks by content delivery networks and security firms shows many domains fail to be classified as malicious. More than 20% of the sites used for phishing are not detected by current blacklists as malicious, even days after…
|WordPress Database Brute Force and Backdoors
|Security Bloggers Network – Mar 11 2020 16:13
