Threat Reports

Daily Alert – 22 January 2020

Silobreaker’s Daily Cyber Alert is created and distributed automatically by using our award-winning intelligence product Silobreaker Online.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
FTCODE Ransomware 8 10
Bronze Butler APT 5 6
Indonesian Cyber Army 4 4
sLoad Downloader 4 4
BitPyLock Ransomware 2 2
Netwire RAT 2 2
CrySiS Ransomware 2 2
Phobos Ransomware 2 3
WannaCry Ransomware 3 11
URSNIF 2 4
Data Breaches
Mitsubishi Electric discloses data breach, possible data leak
Help Net Security – NewsJan 21 2020 11:40
Japanese multinational Mitsubishi Electric has admitted that it had suffered a data breach some six months ago, and that “personal information and corporate confidential information may have been leaked.” The company, though, claims…
Expert On Breach: Regus Sales Staff Data Exposed After Huge Data Breach
Information Security BuzzJan 21 2020 11:30
Job performance details about more than 900 employees of a major office-space provider have been published online by accident after a staff review. Sales staff at Regus had been recorded showing researchers posing as clients around office space…
Building A Pentest Program To Prevent A Data Breach
Forbes – Cybersecurity RSSJan 21 2020 12:30
Manual penetration testing is important, but procuring the right pentesting vendor is not always easy.
Comments On 160,000 Data Breaches Reported Since GDPR With Big Fines To Follow | Information Security Buzz
Information Security BuzzJan 21 2020 11:54
Over 160,000 data-breach notifications have been made to authorities in the 18 months since Europe’s new digital privacy regulation, GDPR, came into force. The number of breaches and other security incidents being reported each day continues to rise…
Hacker Groups
Mitsubishi Electric discloses June 2019 breach; Tick hacking group blamed
DigitalMunitionJan 21 2020 22:14
Japanese manufacturer Mitsubishi Electric has acknowledged its discovery last June of a data breach perpetrated by an unauthorized third party that accessed both personal employee information and corporate materials. The public disclosure came amid…
Advanced “16Shop” Phishing Kit Expands Offerings
SecurityWeek RSS FeedJan 21 2020 17:21
One of the most advanced phishing kits, known as 16Shop and probably developed by a group known as the Indonesian Cyber Army, has expanded its phish targets from Apple account holders and Amazon to now include PayPal….
Battle for Supremacy | Hacktivists from Turkey and Greece Exchange Virtual Blows
SentinelOneJan 21 2020 17:41
Tensions between Greece and its neighbor, Turkey, are nothing new. Conflict in the Aegean extends back to the days of Homer, who described how a Greek army decimated the town of Troy, located near Hisarlik in Turkey. The animosity between these…
US-based children’s clothing maker Hanna Andersson discloses a data breach
Security AffairsJan 21 2020 13:31
The US-based children’s clothing maker Hanna Andersson has disclosed a data breach that affected its customers. The US-based children’s clothing maker and online retailer Hanna Andersson discloses a data breach, attackers planted an …
Malware
BitPyLock Ransomware Now Threatens to Publish Stolen Data
MalwareTips.comJan 21 2020 09:50
The BitPyLock Ransomware Based on our analysis, when first launched, BitPyLock will attempt to terminate any processes that contain the following strings. This is done to terminate security software and close files being used by backup software, web…
New Faketoken Trojan Variant Sends Mass Texts to Premium-rate Cell Numbers
CywareJan 21 2020 12:45
| It’s unclear as to how Faketoken is targeting devices, and for how long these attacks may continue. Do not follow or click on the links from unknown senders, and also watch out for links from the people you know. Faketoken Android banking trojan has…
New NetWire RAT Campaigns Use IMG Attachments to Deliver Malware Targeting Enterprise Users
Security IntelligenceJan 21 2020 11:00
IBM X-Force researchers have discovered a new campaign targeting organizations with fake business emails that deliver NetWire remote-access Trojan (RAT) variants. The RAT is hidden inside an IMG file, which is a file extension used by disk imaging…
FTCODE ransomware is now armed with browser, email password stealing features
ZDNet Zero Day BlogJan 21 2020 14:19
Encrypting your PC isn’t enough — hackers want your email passwords, too.
Vulnerabilities
Update: Curveball Exploit (CVE-2020-0601) Starts Making the Rounds
Fortinet Blog | News and Threat Research – Category: Security ResearchJan 21 2020 08:00
Lean more about the recent Microsoft Curveball vulnerability and how FortiClient protects Fortinet customers from exploitation.
Zero-Day IE Bug is Being Exploited in the Wild
Infosecurity – Latest NewsJan 21 2020 10:06
Zero-Day IE Bug is Being Exploited in the Wild Both Microsoft and the US government are warning computer users of a critical remote code execution (RCE) vulnerability in Internet Explorer, which is currently being exploited in the wild. …
Mitsubishi Electric Blames Anti-Virus Bug for Data Breach
Data Breach TodayJan 21 2020 11:53
Hackers Exploited AV Software Zero-Day Vulnerability Before Vendor Patched Flaw (jeremy_kirk) • January 21, 2020 Source: Mitsubishi Electric Mitsubishi Electric says hackers exploited a zero-day vulnerability in its anti-virus software, prior to the…
Yomi Hunter Catches the CurveBall
Yoroi Blog – RSSJan 21 2020 11:27
The recent CurveBall vulnerability shook the Info-Sec community worldwide: a major vulnerability reported directly by the US National Security Agency. Such uncommon vulnerability reporter alerted the whole Industry, CVE-2020-0601 quickly conquered…
Ongoing Campaigns
New NetWire RAT Campaigns Use IMG Attachments to Deliver Malware Targeting Enterprise Users
Security IntelligenceJan 21 2020 11:00
IBM X-Force researchers have discovered a new campaign targeting organizations with fake business emails that deliver NetWire remote-access Trojan (RAT) variants. The RAT is hidden inside an IMG file, which is a file extension used by disk imaging…
Georgia Man Admits to Launching DDoS Attack
Security WeekJan 21 2020 14:19
A Georgia man has admitted in court to employing a third-party to launch a distributed denial of service (DDoS) attack. The man, Tucker Preston, 22, of Macon, Georgia, was charged with one count of damaging protected computers by transmission of a…
Microsoft, DHS Warn of Zero-Day Attack Targeting IE Users
Dark Reading – All StoriesJan 21 2020 22:00
Software firm is "aware of limited targeted attacks" exploiting a scripting issue vulnerability in Internet Explorer 9, 10, and 11 that previously has not been disclosed.
New Faketoken Trojan Variant Sends Mass Texts to Premium-rate Cell Numbers
CywareJan 21 2020 12:45
| It’s unclear as to how Faketoken is targeting devices, and for how long these attacks may continue. Do not follow or click on the links from unknown senders, and also watch out for links from the people you know. Faketoken Android banking trojan has…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.

More News

  • Daily Alert – 24 February 2020

    Daily Alert: 97% of IT leaders worried about insider data breaches...
  • Daily Alert – 23 February 2020

    Daily Alert: Anxiety, depression and PTSD: The hidden epidemic of data breaches and cyber crimes...
  • Daily Alert – 22 February 2020

    Daily Alert: Defense Department Agency Reports Data Breach...
View all News

Request a demo

Get in touch