Daily Alert – 27 February 2020
|Heat – Trending Malware and Threat Actors
|Name |Heat 1 |Heat 7 |Vol 1 |Vol 7
|Raccoon Malware |6 |11
|Cerberus Malware |3 |3
|DoppelPaymer Ransomware |4 |11
|MuddyWater Group |3 |3
|Exaggerated Lion |3 |10
|Rubella |2 |2
|Exodus Spyware |2 |4
|Remcos RAT |2 |4
|BitPaymer Ransomware |2 |3
|Mirai Trojan |2 |3
|Data Breaches
|Data Breach Exposes Clearview AI Client List
|SecurityPhresh – Feb 26 2020 23:38
|Most of the company's clients are law enforcement.
|How to Prevent an AWS Cloud Bucket Data Leak
|Dark Reading – Feb 26 2020 19:10
|Misconfigured AWS buckets have led to huge data breaches. Following a handful of practices will help keep you from becoming the next news story.
|UK Financial Regulator Admits to Data Breach
|SecurityWeek RSS Feed – Feb 26 2020 09:38
|Britain's Financial Conduct Authority on Tuesday admitted to a data breach, in an embarrassing revelation for the regulator and its boss, who shortly takes over at the Bank of England. …
|Samsung says Find my Mobile glitch not connected to recent data leak
|ZDNet Security – Feb 26 2020 11:31
|The strange Find my Mobile ‘1’ glitch experienced by users is thought to be wholly separate from recent customer data exposure.
|Hacker Groups
|Exaggerated Lion and Business Email Compromise – Don’t send that check!
|Graham Cluley – Feb 26 2020 17:42
|Well done on training your staff not to wire money into the accounts of criminal fraudsters. Unfortunately they’re sending the money by check instead. Read more in my article on the Bitdefender Business Insights blog.
|Exaggerated Lion and Business Email Compromise – Don’t Send That Check!
|Security Bloggers Network – Feb 26 2020 09:56
|…
|A Magecart Skimming Operation Went Undetected for 30 Months
|TechNadu – Feb 26 2020 12:18
|Researchers unearth a Magecart skimming operation that has been active for 2.5 years now. The target platform is a magazine printing firm, so the victims are magazine subscribers in the United States. The platform has failed to respond to the notices,…
|Smashing Security #167: Coronavirus scams and an exaggerated lion
|Graham Cluley – Feb 27 2020 00:32
|Scammers from Africa are preying on US businesses, a drug dealer makes a mistake when hiding his Bitcoin fortune, and the Coronavirus pandemic is causing scams to soar and raising questions about facial recognition. All this and much more is…
|Malware
|Raccoon malware targets massive range of browsers to steal your data and cryptocurrency
|ZDNet Zero Day Blog – Feb 26 2020 13:33
|Every browser you can think of is a target of the popular malware.
|CylancePROTECT vs. DoppelPaymer, BitPaymer and Dridex
|Security Bloggers Network – Feb 27 2020 04:42
|In this video, we demonstrate the prevention capabilities of our endpoint protection solution CylancePROTECT against attacks combining Emotet or Dridex along with a ransomware payload like BitPaymer or DoppelPaymer. The post …
|Expert Insight On DoppelPaymer Ransomware Launches Site To Post Victim’s Data
|Information Security Buzz – Feb 26 2020 07:06
|In response to recent Bleeping Computer reports that the operators of the DoppelPaymer Ransomware have launched a site that will be used to extort victims who do not pay a ransom and publish any files that were stolen before computers were…
|Sodinokibi Ransomware May Tip NASDAQ on Attacks to Hurt Stock Prices
|BleepingComputer.com – Feb 27 2020 00:43
|The operators of the Sodinokibi Ransomware (REvil) have started urging affiliates to copy their victim's data before encrypting computers so it can be used as leverage on a new data leak site that is being launched soon. […]
|Vulnerabilities
|What’s Old Is New, What’s New Is Old: Aged Vulnerabilities Still in Use in Attacks Today
|Security Intelligence – Feb 26 2020 11:05
|As reported in the IBM X-Force Threat Intelligence Index 2020, X-Force research teams operate a network of globally…
|OpenSMTPD Vulnerability Leads to Command Injection
|Security Week – Feb 26 2020 12:06
|An update released this week for the OpenSMTPD mail server addresses an out-of-bounds read vulnerability that could lead to arbitrary command execution. OpenSMTPD is the open source implementation of the Simple Mail Transfer Protocol (SMTP) in…
|Over 20 Zyxel Firewalls Impacted by Recent Zero-Day Vulnerability
|Security Week – Feb 27 2020 05:06
|A recently disclosed vulnerability in Zyxel network-attached storage (NAS) devices also impacts over twenty of the vendor’s firewalls. The security flaw, which was issued CVE identifier CVE-2020-9054, can be exploited remotely, without authentication to execute…
|Wi-Fi of more than a billion PCs, phones, gadgets can be snooped on. But you’re using HTTPS, SSH, VPNs… right?
|ste williams – Feb 27 2020 02:08
|A billion-plus computers, phones, and other devices are said to suffer a chip-level security vulnerability that can be exploited by nearby miscreants to snoop on victims’ encrypted Wi-Fi traffic. The flaw [PDF] was branded KrØØk by the bods at…
|Ongoing Campaigns
|Australia Warns Finance Sector of DDoS Threats
|Bank Info Security – Feb 26 2020 18:58
|'Silence Hacking Crew' Demands Monero Ransom Jeremy Kirk (jeremy_kirk) • February 26, 2020 Australia's financial sector should brace for the potential of distributed denial-of-service attacks, the nation's top cyber agency has warned. See Also: Who's In…
|Lift the DDoS Smokescreen: Investigate Underlying Attacks
|Imperva Data Security Blog – Feb 26 2020 08:17
|“Hold out baits to entice the enemy. Feign disorder, and crush him.” ~ Sun Tzu The sophistication of cybercriminals and the attraction of the “Black Hat” cyberspace have grown dramatically over the years. In the past, cyber assaults were…
|Silence Hacking Crew threatens Australian banks of DDoS attacks
|Security Affairs – Feb 26 2020 11:44
|DDoS extortionists are blackmailing Australian banks asking for payments of large sums in Monero cryptocurrency threatening DDoS attacks. Cybercriminals are threatening Australian banks of DDoS attacks if they will not pay large sums in Monero…
|How to prevent scripting attacks in Microsoft Office
|CSO Online News – Feb 26 2020 11:00
|If you have looked at your inbox lately, you’ll not be surprised when I say that phishing attacks increased 400% in the first…
