Daily Alert – 20 February 2020

Silobreaker’s Daily Cyber Alert is created and distributed automatically by using our award-winning intelligence product Silobreaker Online.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
DRBControl 6 8
Trochilus Trojan 4 5
PlugX Trojan 4 6
APT27 4 5
Winnti Trojan 4 6
WP-VCD Malware 3 3
MealyBug 2 4
Stuxnet 2 2
Trickbot Malware 5 16
Pirate Chick Malware 1 1
Data Breaches
PhotoSquared data leak leaves 94.7GB of customer data exposed online including names, addresses
Seclists.org – Data Loss, Feb 19 2020 15:36
Posted by Destry Winant on Feb 19…
MGM hack exposes personal data of 10.6 million guests
BBC News – Technology, Feb 20 2020 03:36
Celebrities including Justin Bieber were among those whose data was stolen, one report said.
97% of IT leaders majorly concerned by insider data breaches
Information Age, Feb 19 2020 10:45
An Egress study has found that 97% of IT leaders are concerned that data will be exposed by their own employees, leading to insider breaches. Concerns around intentional compromise have risen within the past year. This finding from Egress’s Insider…
10.6M customer records leaked online from data breach of MGM Resorts
SiliconANGLE, Feb 20 2020 03:06
The details of some 10.6 million customers of MGM Resorts International, including celebrities, have found their way online after the company experienced a data breach last year. The customer details were first discovered by an Israeli security…
Hacker Groups
DRBControl Espionage Operation Hits Gambling, Betting Companies
MalwareTips.com, Feb 19 2020 13:30
An advanced threat actor has been targeting gambling and betting companies in multiple regions of the globe with malware that links to two Chinese hacker groups. Named "DRBControl" by security researchers, the group uses malware not publicly…
DRBControl cyber-espionage group targets gambling, betting companies
Security Affairs, Feb 19 2020 20:45
The DRBControl APT group has been targeting gambling and betting companies worldwide with malware that links to two China-linked APT groups. Security researchers from TrendMicro have uncovered a cyber espionage campaign carried out by an APT group…
Uncovering New Magecart Implant Attacking eCommerce
Security Affairs, Feb 19 2020 15:13
Security expert Marco Ramilli shared the results of an analysis of a skimmer implant spotted in the wild that could be potentially linked to Magecart group. If you are a credit card holder, this post could be of your interest. Defending our…
Emotet SMiShing Uses Fake Bank Domains in Targeted Attacks, Payloads Hint at TrickBot Connection
Security Intelligence, Feb 19 2020 11:05
Before a short lull in mid-February, Emotet was in the midst of a rise in activity that has been apparent since late 2019 — in terms of both spam and infecting potential victims via SMiShing attacks. In cases observed by IBM X-Force researchers, SMS…
Malware
Threat Spotlight: Nuke Ransomware
Security Bloggers Network, Feb 20 2020 04:06
Nuke ransomware encrypts files with an AES 256-bit encryption key and changes the file name to random characters with a .nuclear55 extension. Our Threat Research team analyzed a Nuke sample – this blog details our investigation. The post …
Dharma Ransomware Attacks Italy in New Spam Campaign
MalwareTips.com, Feb 19 2020 13:47
Threat actors are distributing the Dharma Ransomware in a new spam campaign targeting Windows users in Italy. The Dharma Ransomware has been active for many years and is based on another ransomware family called Crysis. It is not common, though, to…
Emotet SMiShing Uses Fake Bank Domains in Targeted Attacks, Payloads Hint at TrickBot Connection
Security Intelligence, Feb 19 2020 11:05
Before a short lull in mid-February, Emotet was in the midst of a rise in activity that has been apparent since late 2019 — in terms of both spam and infecting potential victims via …
SMS Attack Spreads Emotet, Steals Bank Credentials
MalwareTips.com, Feb 19 2020 16:40
Attackers are sending SMS messages purporting to be from victims’ banks – but once they click on the links in the text messages, they are asked to hand over their banking credentials and download a file that infects their systems with the Emotet…
Vulnerabilities
CVE-2020-0618: Proof of Concept for Microsoft SQL Server Reporting Services Vulnerability Available
Tenable Blog, Feb 19 2020 14:01
Availability of proof-of-concept (PoC) code for recently disclosed remote code execution flaw in Microsoft SQL Server Reporting Services leaves sites vulnerable to attack. Background On February 11, Microsoft …
37.3% of Vulnerabilities in 2019 Had Available Exploit Code or a Proof of Concept
Seclists.org – Data Loss, Feb 19 2020 15:36
Posted by Destry Winant on Feb 19…
Expert On Report: Almost Half Of Connected Medical Devices Are Vulnerable To Hackers Exploiting BlueKeep
Information Security Buzz, Feb 19 2020 11:25
In response to reports that vulnerabilities in medical devices could put hospital patients at risk from hackers, an expert from Cerberus Sentinel offers perspective. The ISBuzz Post: This Post …
WordPress Websites Hacked via Vulnerabilities in Two Themes Plugins
Security Week, Feb 19 2020 16:07
Vulnerabilities in two popular WordPress plugins, ThemeREX Addons and ThemeGrill Demo Importer, are being exploited to hack websites. The vulnerability affecting the ThemeGrill Demo Importer plugin was just a few days ago by web security company…
Ongoing Campaigns
Chinese Hackers Are Using Novel Backdoors Against Online Casinos
TechNadu, Feb 19 2020 12:56
A large-scale hacking campaign targeting betting and gambling websites has been uncovered. These Chinese state-supported actors were using two previously undisclosed backdoors, as well as a large set of known tools. Their goal was stealing the source…
Emotet SMiShing Uses Fake Bank Domains in Targeted Attacks, Payloads Hint at TrickBot Connection
Security Intelligence, Feb 19 2020 11:05
Before a short lull in mid-February, Emotet was in the midst of a rise in activity that has been apparent since late 2019 — in terms of both spam and infecting potential victims via …
Dharma Ransomware Attacks Italy in New Spam Campaign
MalwareTips.com, Feb 19 2020 13:47
Threat actors are distributing the Dharma Ransomware in a new spam campaign targeting Windows users in Italy. The Dharma Ransomware has been active for many years and is based on another ransomware family called Crysis. It is not common, though, to…
DRBControl Espionage Operation Hits Gambling, Betting Companies
MalwareTips.com, Feb 19 2020 13:30
An advanced threat actor has been targeting gambling and betting companies in multiple regions of the globe with malware that links to two Chinese hacker groups. Named "DRBControl" by security researchers, the group uses malware not publicly…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
