Daily Alert – 18 February 2020
Silobreaker’s Daily Cyber Alert is created and distributed automatically by using our award-winning intelligence product Silobreaker Online.
|Data Breaches
|Cyber-complacency continues despite reputation, business risks
|SC Magazine UK – Feb 17 2020 13:44
|News by SC Staff: Despite the harm data breaches do to business reputation, several UK enterprises remain alarmingly unprepared in cyber-defence, even complacent. Nearly one in four people stop doing business with companies who’ve been…
|A BEC scam leads to a healthcare data breach
|MediaCenter Panda Security – Feb 17 2020 14:15
|Jailcore database leaks PII of inmates & correctional officers across US
|Seclists.org – Data Loss – Feb 17 2020 15:46
|Posted by Destry Winant on Feb 17 https://www.hackread.com/jailcore-database-leaks-us-inmates-pii-correctional-officers/ The company that owns the database claims that since these are incarcerated individuals, their rights differ substantially…
|!@#$%^&*: The Most Used Passwords in the World Are as Bad as You Imagine
|HOTforSecurity – Feb 17 2020 14:26
|Hacker Groups
|Cyberwarfare: A deep dive into the latest Gamaredon Espionage Campaign
|Security Affairs – Feb 17 2020 12:34
|Security experts from Yoroi-Cybaze ZLab have conducted a detailed analysis of an implant used by the Gamaredon APT group in a recent campaign. Introduction …
|Twitter accounts of The Olympics and FC Barcelona hijacked by OurMine hacking group
|HOTforSecurity – Feb 17 2020 13:20
|US Federal Authorities Dissect Malicious Activities of Six Malware Associated with Lazarus Group
|Cyware – Feb 18 2020 07:24
|Lazarus has been linked to multiple high profile attacks that have caused infrastructure disruptions and financial losses. Some of the notable attacks include the 2014 attack on a major entertainment company and the 2016 Bangladeshi heist that netted…
|Inside Kenyan Hacker Group Gaining International Fame
|DataBreaches.net – Feb 17 2020 12:10
|Martin Siele reports: SilentCards, based in Nairobi, has previously been accused of orchestrating multi-million shilling heists in the financial services sector, particularly targeting banks and their Automated Teller Machines (ATMs). Singapore-based…
|Malware
|DoppelPaymer: New, Trendy and Dangerous
|Security Bloggers Network – Feb 18 2020 07:00
|Mac Malware Becomes More Common – Are You A Victim?
|MediaCenter Panda Security – Feb 17 2020 08:55
|Ginp mobile Trojan fakes incoming SMS messages
|MalwareTips.com – Feb 17 2020 15:11
|Having infiltrated a phone, most mobile banking Trojans try to gain access to SMS messages. They do so to intercept one-time confirmation codes from banks. Armed with such a code, the malware owners can make a payment or siphon off funds without the…
|LokiBot Trojan Malware Campaign Comes Disguised As A Popular Game Launcher
|SecurityPhresh – Feb 17 2020 14:15
|The latest version of the information-stealing trojan malware is likely spammed out to victims in bulk, and uses a clever trick to bypass security software.
|Vulnerabilities
|Iranian Hackers Exploited Enterprise VPN Flaws In Major Campaign
|SecurityPhresh – Feb 17 2020 14:46
|Infamous Iranian hacking groups APT33 and APT34 appear to have been working together for the past three years to compromise dozens of organizations worldwide, and their attacks involved some of the enterprise VPN vulnerabilities disclosed last year,…
|Flaw in WordPress Themes Plugin Allowed Hackers to Become Site Admin
|Security Week – Feb 17 2020 16:07
|A serious vulnerability found in a WordPress themes plugin with over 200,000 active installations can be exploited to wipe a website’s database and gain administrator access to the site. is a popular plugin that allows WordPress website administrators…
|Iranian Hackers Are Reportedly Weaponizing Published VPN Flaws in Hours
|TechNadu – Feb 17 2020 11:02
|At least three Iranian APT groups combined forces to launch attacks against corporate networks. Named “Fox Kitten,” this campaign was based on the exploitation of 1-day VPN flaws. The hackers were ready to weaponize vulnerabilities almost as soon as…
|Flaw in WordPress ThemeGrill Demo Importer WordPress theme plugin expose 200K+ sites to hack
|Security Affairs – Feb 18 2020 06:25
|A serious flaw in the ThemeGrill Demo Importer WordPress theme plugin with over 200,000 active installs can be exploited to wipe sites and…
|Ongoing Campaigns
|Ryuk Ransomware Operators Target Port Lavaca City Hall
|Cyware – Feb 18 2020 07:24
|The ransomware reportedly entered the city hall through the email system. No information was stolen or compromised but the attackers came only to encrypt files and hold them for ransom. A ransomware attack targeted the city of Port Lavaca, which…
Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.