|Heat – Trending Malware and Threat Actors
|Name
|Heat 1
|Heat 7
|Vol 1
|Vol 7
|Turla APT Group
|10
|10
|Turla Spyware
|8
|8
|AZORult Stealer
|7
|11
|WannaCry Ransomware
|6
|18
|PXJ Ransomware
|3
|3
|Hades APT
|2
|2
|Poison Ivy Trojan
|2
|2
|Ztorg Trojan
|2
|2
|Mustang Panda
|2
|2
|Snake Hacker Group
|2
|2
|Data Breaches
|Anonymous secret sharing app Whisper left sensitive profile data exposed for years
|Office of Inadequate Security – Mar 12 2020 12:37
|Nick Statt reports: Whisper, an anonymous secret-sharing mobile app that rose to prominence more than half a decade ago, has…
|Cathay Pacific fined 9.4M for data breach
|IT Security Guru – Mar 12 2020 11:23
|Aviation giant Cathay Pacific has been slapped with a US$650,000 fine by the UK’s Information Commissioner’s Office (ICO) for failing to protect customer personal data. According to a statement issued by the regulator, approximately 9.4 million…
|Open Exchange Rates Data Breach Affects Users of Well-Known Orgs
|BleepingComputer.com – Mar 12 2020 22:24
|Open Exchange Rates has announced a data breach that exposed the personal information and salted and hashed passwords for customers of its API service. […]
|8 Million UK Shopping Records Exposed
|Information Security Buzz – Mar 12 2020 13:52
|Researchers at Comparitech have uncovered a leak stemming from third-party apps used by Amazon UK, Ebay and Shopify, exposing 8 million sales records containing customers’ personal data. Exposed data includes customer names, email addresses,…
|Hacker Groups
|Russia-Linked Turla Cyberspies Add More Malware to Arsenal
|Security Week – Mar 12 2020 18:40
|The Russia-linked threat group known as Turla was observed using two new pieces of malware in attacks launched over a period of roughly two months in the fall of 2019, ESET reports. Also known as Waterbug, KRYPTON, Snake, and Venomous Bear, and active…
|Malware
|Researchers Warn of Novel PXJ Ransomware Strain
|MalwareTips.com – Mar 12 2020 21:00
|Researchers have discovered a new strain of ransomware, dubbed “PXJ,” which emerged in the wild in early 2020. While PXJ performs functions similar to other ransomware variants, it does not appear to share the same underlying code with most known…
|Swallowing the Snake’s Tail: Tracking Turla Infrastructure
|Recorded Future – Blog – Mar 12 2020 14:00
|Recorded Future’s Insikt Group® has developed new detection methods for Turla malware and infrastructure as part of an in-depth investigation into recent Turla activities. Data…
|PXJ Ransomware Campaign Identified by X-Force IRIS
|Security Intelligence – Mar 12 2020 10:00
|Ransomware has become one of the most profitable types of malware in the hands of cybercriminals, with reported cybercrime losses tripling in the last five years, according to the …
|Vulnerabilities
|News of critical Microsoft bug leaks despite not making Patch Tuesday list
|SC Magazine US – Mar 12 2020 12:49
|Due to an apparent error in the Microsoft Patch Tuesday vulnerability disclosure process, news of an unpatched, critical Microsoft Server Message Block vulnerability has leaked to the public. If exploited, the bug could result in a wormable remote…
|Microsoft delivers emergency patch to fix wormable Windows 10 flaw
|ArsTechnica – Mar 12 2020 20:48
|Microsoft on Thursday released an unscheduled fix for a critical security bug that makes it possible for attackers to remotely execute malicious code that can spread from vulnerable machine to vulnerable machine without…
|OpenSMTPD Vulnerability (CVE-2020-8794) Can Lead to Root Privilege Escalation and Remote Code Execution
|Trend Micro – Mar 12 2020 13:00
|By Alexander Elkholy (Threats Analyst) A root privilege escalation and remote execution vulnerability (designated as CVE-2020-8794) has been discovered in the free and open-source Unix Daemon, OpenSMTPD. The flaw originates from an out-of-bounds read,…
|Several Vulnerabilities Expose Phoenix Contact Industrial 4G Routers to Attacks
|Security Week – Mar 12 2020 16:18
|Several potentially serious vulnerabilities have been discovered in some of the industrial 4G routers made by Phoenix Contact, a Germany-based provider of industrial automation, connectivity and interface solutions. The security holes were discovered…
|Ongoing Campaigns
|Guarding against supply chain attacks—Part 3: How software becomes compromised
|MalwareTips.com – Mar 12 2020 12:42
|Do you know all the software your company uses? The software supply chain can be complex and opaque. It’s comprised of software that businesses use to run operations, such as customer relationship management (CRM), enterprise resource planning (ERP),…
|Capitalizing on Coronavirus Panic, Threat Actors Target Victims Worldwide
|Recorded Future – Blog – Mar 12 2020 18:00
|Recorded Future investigated how threat actors are using the global disruptions caused by COVID-19 to further their cyber threat activities. This research is targeted toward those…
|Credit card skimmers explained: How they work and how to protect yourself
|CSO Magazine – Mar 12 2020 10:00
|What is a credit card skimmer? In the security industry, a skimmer has traditionally referred to any hardware device designed to steal information stored on payment cards when consumers perform transactions at ATMs, gas pumps and other payment…
