Daily Alert – 26 February 2020
|Heat – Trending Malware and Threat Actors
|Name | Heat 1 | Heat 7 | Vol 1 | Vol 7
|DoppelPaymer Ransomware | 5 | 6
|AZORult Stealer | 4 | 6
|Mozart Malware | 2 | 4
|Raccoon Malware | 2 | 5
|Exaggerated Lion | 2 | 7
|Maze Ransomware | 3 | 9
|WannaCry Ransomware | 3 | 11
|dnsenum | 1 | 1
|SMSreg | 1 | 1
|Boogr | 1 | 1
|Data Breaches
|Almost 60% of UK Consumers Affected by Data Breaches in 2019
|Security Bloggers Network – Feb 25 2020 16:00
|DISA Breach Likely Exposed Personal Data On At Least 200,000
|News ≈ Packet Storm – Feb 25 2020 14:59
|Healthcare industry at greatest risk of data breach
|Help Net Security – News – Feb 26 2020 04:30
|The healthcare industry has significantly more exposed attack surfaces than any other industry surveyed, according to Censys’s research findings of cloud risks and cloud maturity by industry, revealed at RSA Conference 2020. Leveraging the…
|Samsung cops to data leak after unsolicited ‘1/1’ Find my Mobile push notification
|ste williams – Feb 25 2020 20:08
|Updated Samsung has admitted that what it calls a “small number” of users could indeed read other people’s personal data following last week’s unexplained Find my Mobile notification. Several Register readers wrote in to tell…
|Hacker Groups
|BEC Group Abuses Google G Suite in Scheme Targeting Thousands of Firms
|Security Week – Feb 25 2020 09:18
|A group of scammers that targeted thousands in the United States employed Google’s G Suite for their infrastructure, Agari reports. More than 3,000 employees at nearly 2,100 companies were targeted by the same scammers over the course of five months…
|[Malware] Lazarus group’s Brambul worm of the former Wannacry – 2
|Reverse Engineering – Feb 26 2020 01:57
|submitted by /u/hanwint [link]…
|Credit Card Skimmer Running on 13 Sites, Despite Notification
|BleepingComputer.com – Feb 25 2020 09:55
|The tally of shopping websites infected by MageCart Group 12 with JavaScript that steals payment card info is seeing a sharp increase. Nearly 40 new victims have been discovered. […]
|BEC Attacks Hit More Than 2,100 Companies throughout the US
|Security Bloggers Network – Feb 25 2020 13:59
|Malware
|DoppelPaymer Ransomware Launches Site to Post Victim’s Data
|DataBreaches.net – Feb 25 2020 13:34
|First Maze Team did it. Now DoppelPaymer threat actors have followed suit. Lawrence Abrams reports: The operators of the DoppelPaymer Ransomware have launched a site that they will use to shame victims who do not pay a ransom and to publish any…
|‘Raccoon’ Infostealer Now Targeting 60 Apps: Report
|BankInfoSecurity – Feb 25 2020 17:14
|Malware-As-A-Service Offering Is Popular on Underground…
|Newly Composed Mozart Malware Found To Be Highly Evasive – Expert Insight
|Information Security Buzz – Feb 26 2020 05:58
|A new backdoor malware called Mozart is using the DNS protocol to communicate with remote attackers to evade detection by security software and intrusion detection systems. The researchers have discovered that the malware uses DNS to receive…
|Vulnerabilities
|Google fixes Chrome zero-day flaw exploited in the wild
|Security Affairs – Feb 25 2020 13:53
|Google has released Chrome 80 update that addresses three high-severity vulnerabilities, one of them has been exploited in the wild. Google has released Chrome 80 update (…
|Experts discovered a new critical OpenSMTPD RCE flaw exploited in the wild
|Security Affairs – Feb 25 2020 15:26
|Experts discovered a new critical remote code execution vulnerability in the OpenSMTPD that could allow hacking email servers running BSD or Linux. A new critical remote code execution vulnerability was discovered in the …
|Mind the gap: Google patches holes in Chrome – exploit already out there for one of them after duo spot code fix
|ste williams – Feb 26 2020 02:08
|Google has updated Chrome for Linux, Mac, and Windows to address three security vulnerabilities – and exploit code for one of them is already public, so get patching. In a release note on Monday, Krishna Govind, a test engineer at Google, said Chrome…
|ZyXEL Pushes Fixing Patch for 0-Day that is Under Active Exploitation
|TechNadu – Feb 25 2020 08:56
|Many of ZyXEL’s NAS devices are vulnerable to a newly discovered zero-day flaw that is under exploitation. The exploit code is available for sale on the dark web by hackers who specialize in this field. The company has pushed a fixing patch for four…
|Ongoing Campaigns
|How to harden your employees from the massive social engineering threat
|AlienVault Blogs – Feb 25 2020 13:00
|This blog was written by an independent guest blogger. Social engineering is the art of human deception. In the world of cybersecurity, it’s how to fool human beings in order to conduct cyber attacks. Some of these cyber attacks can be…
|Almost three-quarters of all phishing sites now use SSL protection
|Help Net Security – News – Feb 26 2020 06:32
|The total number of phishing sites detected by the Anti-Phishing Working Group (APWG) worldwide in October through December 2019 was 162,155, following the all-time-high of 266,387 attacks recorded in July through September 2019. Most menacing,…
|Iranian Hackers Backdoor Entry Through VPN Servers of Giant Organizations
|LIFARS Blog – Feb 25 2020 14:00
|After the 2010 Stuxnet worm attack on the Natanz Nuclear plant, Iran has started taking ‘Cyber’ seriously. Towards proving their technical advancement in recent years, Iranian hacking group recently attacked various sectors of the United States,…
|Ransomware posing rising threat to operational tech in industrial businesses
|SC Magazine UK – Feb 25 2020 14:01
|News by Mark Mayne. A gradual increase in adversaries’ internal reconnaissance skills and abilities has enabled them to target systems that are vital to support the chain of production. Attackers are evolving their use of ransomware to deliver…
