Daily Alert – 16 February 2020
Silobreaker’s Daily Cyber Alert is created and distributed automatically by using our award-winning intelligence product Silobreaker Online.
|Heat – Trending Malware and Threat Actors
|Name
|Heat 1
|Heat 7
|Vol 1
|Vol 7
|Lazarus Group
|2
|17
|Snake Malware
|1
|1
|Uroburos
|1
|1
|NukeSped
|1
|2
|Ginp
|1
|2
|Turla APT Group
|1
|1
|TheDarkOverlord
|1
|3
|HOPLIGHT Trojan
|1
|7
|Dridex Malware
|1
|7
|Maze Ransomware
|1
|5
|Data Breaches
|NextMotion plastic surgery tech firm data leak
|Security Affairs – Feb 15 2020 22:20
|Photos and personal information belonging to patients of the NextMotion plastic surgery tech firm have been exposed online through an unsecured S3 bucket. Hundreds of thousands of documents containing photos and personal information…
|Idaho Central Credit Union reports two breaches
|DataBreaches.net – Feb 15 2020 15:53
|Doug Olenick reports on two recent data breaches involving Idaho Central Credit Union: The first instance cropped up on November 5, 2019 when some suspicious behavior was noted. A breach was confirmed three days later, reported BoiseDev. A data…
|PhotoSquared app leaks photos & home addresses of 100,000s of users
|HackRead – Feb 15 2020 20:53
|By Waqas. Another day, another data breach putting user data at risk – This time, PhotoSquared.
|NC: Wake County learns that 1,900 employees affected by breach at former benefits administrator
|DataBreaches.net – Feb 15 2020 19:07
|Posted to Wake County’s website yesterday (h/t, WDTV/Yahoo) Wake County’s former flexible benefit spending accounts administrator, Interactive Medical Systems, recently reported that it experienced a data security breach that disclosed the…
|Hacker Groups
|The cyber attack against Austria’s foreign ministry has ended
|Security Affairs – Feb 15 2020 11:09
|Austria’s foreign ministry announced that the cyber attack against its systems, allegedly carried out by a state actor, has ended. Earlier in January, Austria’s foreign ministry …
|USCYBERCOM Shares More North Korean Malware Samples
|Security Week – Feb 15 2020 20:07
|The U.S. Cyber Command (USCYBERCOM) has uploaded new malware samples to VirusTotal, all of which the Command has attributed to the North Korea-linked threat group Lazarus. The samples were added to the scanning engine as part of a project that…
|NextMotion plastic surgery tech firm data leak
|Security Affairs – Feb 15 2020 22:20
|Photos and personal information belonging to patients of the NextMotion plastic surgery tech firm have been exposed online through an unsecured S3 bucket. Hundreds of thousands of documents containing photos and personal information…
|Malware
|The Ginp Banking Trojan Returns with Fake Incoming SMS Tactics
|TechNadu – Feb 15 2020 11:18
|Ginp can now generate SMS messages locally on the phone and spoof any sender and any content. While the numbers that are used are legitimate, the messages were never sent from them. The text messages contain links that lead to phishing overlays that…
|Rig Exploit Kit delivers Dridex
|BroadAnalysis – Feb 16 2020 00:26
|I have added a zipped pcap file for your analysis. The password for the zipped pcap is "infected", all lowercase. PCAP file of the infection traffic:…
|Microsoft Windows Users Beware: Pentagon, DHS And FBI Just Issued This ‘Malicious’ New Malware Warning
|Forbes – Cybersecurity RSS – Feb 15 2020 07:47
|A joint warning from multiple U.S. government agencies as the North Korean state-sponsored hackers behind WannaCry look set to strike again.
|The cyber attack against Austria’s foreign ministry has ended
|Security Affairs – Feb 15 2020 11:09
|Austria’s foreign ministry announced that the cyber attack against its systems, allegedly carried out by a state actor, has ended. Earlier in January, Austria’s foreign ministry …
|Vulnerabilities
|SweynTooth Bluetooth flaws affect devices from major system-on-a-chip (SoC) vendors
|Security Affairs – Feb 15 2020 16:35
|Security experts have discovered multiple flaws, dubbed SweynTooth, in the Bluetooth Low Energy (BLE) implementations of major system-on-a-chip (SoC) vendors. A group of researchers has discovered multiple vulnerabilities, tracked as SweynTooth,…
|Escaping the Chrome Sandbox with RIDL
|Project Zero – Feb 15 2020 17:02
|Guest blog post by Stephen Röttger tl;dr: Vulnerabilities that leak cross process memory can be exploited to escape the Chrome sandbox. An attacker is still required to compromise the renderer prior to mounting this attack. To protect against attacks…
|IOTA cryptocurrency shuts down entire network after wallet hack
|ZDNet Security – Feb 16 2020 01:39
|Hackers exploit vulnerability in official IOTA wallet to steal millions
|Ongoing Campaigns
|The cyber attack against Austria’s foreign ministry has ended
|Security Affairs – Feb 15 2020 11:09
|Austria’s foreign ministry announced that the cyber attack against its systems, allegedly carried out by a state actor, has ended. Earlier in January, Austria’s foreign ministry …
|Potential class action lawsuits filed against two more ransomware victims
|DataBreaches.net – Feb 15 2020 16:12
|On Thursday, I reported on a potential class action lawsuit that had been filed against two hospitals in Puerto Rico that suffered a ransomware attack. As I noted in my post, none of the named plaintiffs claimed that they had suffered any concrete…
|NextMotion plastic surgery tech firm data leak
|Security Affairs – Feb 15 2020 22:20
|Photos and personal information belonging to patients of the NextMotion plastic surgery tech firm have been exposed online through an unsecured S3 bucket. Hundreds of thousands of documents containing photos and personal information…
|SweynTooth Bluetooth flaws affect devices from major system-on-a-chip (SoC) vendors
|Security Affairs – Feb 15 2020 16:35
|Security experts have discovered multiple flaws, dubbed SweynTooth, in the Bluetooth Low Energy (BLE) implementations of major system-on-a-chip (SoC) vendors. A group of researchers has discovered multiple vulnerabilities, tracked as SweynTooth,…
Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.