Daily Alert – 25 February 2020
Silobreaker’s Daily Cyber Alert is created and distributed automatically by using our award-winning intelligence product Silobreaker Online.
|Heat – Trending Malware and Threat Actors
|Name
|Heat 1
|Heat 7
|Vol 1
|Vol 7
|NotPetya Ransomware
|5
|16
|Raccoon Malware
|3
|3
|Exaggerated Lion
|3
|5
|WannaCry Ransomware
|5
|8
|Maze Ransomware
|4
|6
|Mozart Malware
|2
|2
|Grim Spider
|2
|2
|Exodus Spyware
|2
|2
|FIN6
|2
|4
|LockerGoga Ransomware
|2
|4
|Data Breaches
|Lawsuit Claims HIV Data Exposed in Leak
|Data Breach Today – Feb 24 2020 22:07
|Legal Action Stems From Misconfigured Database at UW Medicine. A lawsuit seeking class action status filed against UW Medicine in the wake of a data leak incident has been amended to reflect that at least one HIV patient allegedly had their data…
|Samsung suffers data breach as coronavirus spreads through South Korea
|SiliconANGLE – Feb 25 2020 02:40
|Samsung Electronics Co. Ltd. has suffered a data breach, but though the extent of the breach and exactly what was involved is open to speculation, it may be the least of the company’s problems given that the Wuhan coronavirus is out of control…
|Samsung cops to data breach after unsolicited ‘1/1’ Find my Mobile push notification
|The Register – Security – Feb 24 2020 13:20
|Tight-lipped chaebol still won't talk about the dodgy app, though Samsung has admitted that what it calls a "small number" of users could indeed read other people's personal data following last week's unexplained Find my Mobile notification.…
|US defense IT agency says data breach may have affected 200,000 people
|HOTforSecurity – Feb 24 2020 12:13
|…
|Hacker Groups
|BEC Group Favors G-Suite, Physical Checks: Report
|CUInfoSecurity – Feb 24 2020 16:57
|Agari Says 'Exaggerated Lion' Has Targeted Businesses Throughout US. Akshaya Asokan (asokan_akshaya) • February 24, 2020. A business email compromise group targeting…
|[Malware] Lazarus group’s Brambul worm of the former Wannacry – 1.md
|Reverse Engineering – Feb 25 2020 05:32
|submitted by /u/hanwint…
|What is Hacktivism? And Why Should Enterprise Care?
|SentinelOne – Feb 24 2020 17:00
|Only a few years ago, the antics of hacktivists regularly populated media headlines with grand stunts and ominous threats, defacing websites,…
|FireEye Mandiant M-Trends 2020 report: 500+ new Malware strains in 2019
|Security Affairs – Feb 24 2020 08:25
|FireEye’s report revealed that the incident response division Mandiant observed more than 500 new malware families in 2019. According to the FireEye Mandiant M-Trends 2020 report,…
|Malware
|Raccoon Malware, a success case in the cybercrime ecosystem
|Security Affairs – Feb 24 2020 20:10
|Raccoon Malware is a recently discovered infostealer that can extract sensitive data from about 60 applications on a targeted system. Raccoon…
|New Mozart Malware Gets Commands, Hides Traffic Using DNS
|BleepingComputer.com – Feb 24 2020 21:34
|A new backdoor malware called Mozart is using the DNS protocol to communicate with remote attackers to evade detection by security software and intrusion detection systems. […]
|Metamorfo: the banking Trojan with a long list of tricks
|MediaCenter Panda Security – Feb 24 2020 14:15
|…
|Lampion malware v2 February 2020
|Security Affairs – Feb 24 2020 21:35
|Since end-December 2019, Lampion malware has been noted as the most…
|Vulnerabilities
|CVE-2020-6418: Google Chrome Type Confusion Vulnerability Exploited in the Wild
|Tenable Blog – Feb 24 2020 21:32
|Google is aware of reports that a type confusion flaw in Google Chrome has been exploited in the wild. Background: On February 24, Google…
|Zyxel Fixes 0day in Network Storage Devices
|Krebs on Security – Feb 24 2020 17:13
|Patch comes amid active exploitation by ransomware gangs. Networking hardware vendor Zyxel today released an update to fix a critical flaw in many of its network attached storage (NAS) devices that can be used to remotely commandeer…
|Vulnerability Summary for the Week of February 17, 2020
|US-CERT Bulletins – Feb 24 2020 11:29
|Original release date: February 24, 2020. The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet…
|Multiple Attack Campaigns Targeting Recent Plugin Vulnerabilities
|Wordfence – RSS – Feb 24 2020 17:42
|As part of our ongoing research efforts, the Wordfence Threat Intelligence team continually monitors our network for noteworthy threats facing WordPress. Recently, we’ve been tracking malicious activity targeting several vulnerabilities…
|Ongoing Campaigns
|Metamorfo: the banking Trojan with a long list of tricks
|MediaCenter Panda Security – Feb 24 2020 14:15
|…
|BEC Group Favors G-Suite, Physical Checks: Report
|CUInfoSecurity – Feb 24 2020 16:57
|Agari Says 'Exaggerated Lion' Has Targeted Businesses Throughout US. Akshaya Asokan (asokan_akshaya) • February 24, 2020. A business email compromise group targeting…
|Attackers Use SMS Phishing to Steal Credentials and Install Emotet Malware
|HOTforSecurity – Feb 24 2020 14:29
|…
|DDoS as a smokescreen
|Imperva Data Security Blog – Feb 24 2020 07:59
|“Hold out baits to entice the enemy. Feign disorder, and crush him.” ~ Sun Tzu. Sophistication of cyber criminals and the attraction of the “Black Hat” cyber space are growing dramatically over the years. In the past, cyber assaults were…
Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.