Threat Reports

  Tags: daily cyber digest

Daily Alert – 18 February 2020

Silobreaker’s Daily Cyber Alert is created and distributed automatically by using our award-winning intelligence product Silobreaker Online.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
APT33 4 11
APT34 4 7
OurMine Team 4 4
NotPetya Ransomware 3 6
SilentCards 2 2
Zimbra Ransomware 2 2
Beast Trojan 2 2
APT39 2 4
Gamaredon Group 2 2
APT28 2 5
Data Breaches
Cyber-complacency continues despite reputation, business risks
SC Magazine UK, Feb 17 2020 13:44
News by SC Staff. Despite the harm data breaches do to business reputation, several UK enterprises remain alarmingly unprepared in cyber-defence, even complacent. Nearly one in four people stop doing business with companies who’ve been…
A BEC scam leads to a healthcare data breach
MediaCenter Panda Security, Feb 17 2020 14:15
Jailcore database leaks PII of inmates & correctional officers across US
Seclists.org – Data Loss, Feb 17 2020 15:46
Posted by Destry Winant on Feb 17 https://www.hackread.com/jailcore-database-leaks-us-inmates-pii-correctional-officers/ The company that owns the database claims that since these are incarcerated individuals, their rights differ substantially…
!@#$%^&*: The Most Used Passwords in the World Are as Bad as You Imagine
HOTforSecurity, Feb 17 2020 14:26
Hacker Groups
Cyberwarfare: A deep dive into the latest Gamaredon Espionage Campaign
Security Affairs, Feb 17 2020 12:34
Security experts from Yoroi-Cybaze ZLab have conducted a detailed analysis of an implant used by the Gamaredon APT group in a recent campaign. Introduction …
Twitter accounts of The Olympics and FC Barcelona hijacked by OurMine hacking group
HOTforSecurity, Feb 17 2020 13:20
US Federal Authorities Dissect Malicious Activities of Six Malware Associated with Lazarus Group
Cyware, Feb 18 2020 07:24
Lazarus has been linked to multiple high profile attacks that have caused infrastructure disruptions and financial losses. Some of the notable attacks include the 2014 attack on a major entertainment company and the 2016 Bangladeshi heist that netted…
Inside Kenyan Hacker Group Gaining International Fame
DataBreaches.net, Feb 17 2020 12:10
Martin Siele reports: SilentCards, based in Nairobi, has previously been accused of orchestrating multi-million shilling heists in the financial services sector, particularly targeting banks and their Automated Teller Machines (ATMs). Singapore-based…
Malware
DoppelPaymer: New, Trendy and Dangerous
Security Bloggers Network, Feb 18 2020 07:00
Mac Malware Becomes More Common – Are You A Victim?
MediaCenter Panda Security, Feb 17 2020 08:55
Ginp mobile Trojan fakes incoming SMS messages
MalwareTips.com, Feb 17 2020 15:11
Having infiltrated a phone, most mobile banking Trojans try to gain access to SMS messages. They do so to intercept one-time confirmation codes from banks. Armed with such a code, the malware owners can make a payment or siphon off funds without the…
LokiBot Trojan Malware Campaign Comes Disguised As A Popular Game Launcher
SecurityPhresh, Feb 17 2020 14:15
The latest version of the information-stealing trojan malware is likely spammed out to victims in bulk, and uses a clever trick to bypass security software.
Vulnerabilities
Iranian Hackers Exploited Enterprise VPN Flaws In Major Campaign
SecurityPhresh, Feb 17 2020 14:46
Infamous Iranian hacking groups APT33 and APT34 appear to have been working together for the past three years to compromise dozens of organizations worldwide, and their attacks involved some of the enterprise VPN vulnerabilities disclosed last year,…
Flaw in WordPress Themes Plugin Allowed Hackers to Become Site Admin
Security Week, Feb 17 2020 16:07
A serious vulnerability found in a WordPress themes plugin with over 200,000 active installations can be exploited to wipe a website’s database and gain administrator access to the site. is a popular plugin that allows WordPress website administrators…
Iranian Hackers Are Reportedly Weaponizing Published VPN Flaws in Hours
TechNadu, Feb 17 2020 11:02
At least three Iranian APT groups combined forces to launch attacks against corporate networks. Named “Fox Kitten,” this campaign was based on the exploitation of 1-day VPN flaws. The hackers were ready to weaponize vulnerabilities almost as soon as…
Flaw in WordPress ThemeGrill Demo Importer WordPress theme plugin exposes 200K+ sites to hack
Security Affairs, Feb 18 2020 06:25
A serious flaw in the ThemeGrill Demo Importer WordPress theme plugin with over 200,000 active installs can be exploited to wipe sites and…
Ongoing Campaigns
Ryuk Ransomware Operators Target Port Lavaca City Hall
Cyware, Feb 18 2020 07:24
The ransomware reportedly entered the city hall through the email system. No information was stolen or compromised but the attackers came only to encrypt files and hold them for ransom. A ransomware attack targeted the city of Port Lavaca, which…
