Daily Alert – 28 February 2020
|Heat – Trending Malware and Threat Actors
|Name|Heat 1|Heat 7|Vol 1|Vol 7
|Nemty Ransomware| | |4|5
|Cerberus Malware| | |3|6
|MuddyWater Group| | |3|6
|Crossrider Adware| | |2|2
|APT32| | |2|2
|Ryuk Ransomware| | |5|11
|AZORult Stealer| | |3|8
|WannaCry Ransomware| | |3|13
|Gustuff Banking Trojan| | |1|1
|FunkyBot| | |1|1
|Data Breaches
|Clearview AI’s Entire Client List Stolen In Data Breach – Expert Reaction
|Information Security Buzz – Feb 27 2020 09:10
|In response to The Daily Beast reports that facial-recognition software maker Clearview AI suffered a data breach that accessed the company’s entire client list, many of which are law enforcement agencies, cybersecurity experts commented…
|Clearview AI Customers Exposed in Data Breach
|Dark Reading – All Stories – Feb 28 2020 01:00
|Customers for the controversial facial recognition company were detailed in a log file leaked to news organizations.
|Slickwraps data breach earns scorn for all
|ste williams – Feb 27 2020 20:11
|Slickwraps, a Kansas company that makes vinyl wraps for phones and other electronics, announced last week that it had suffered a data breach. This was no ordinary data breach. This was a breach that earned the deep scorn of both the hacker – who was…
|Malicious attacks continue to account for 64% of data breaches: OAIC
|ZDNet Security – Feb 28 2020 06:42
|It's the first report since OAIC announced it would shift the NDB reporting scheme from a quarterly report scheme to a six-month one.
|Hacker Groups
|Web Owners Ignore Alerts as Magecart Hits 40 More Sites
|Infosecurity – Latest News – Feb 27 2020 10:35
|Iran maintaining on-going cyber efforts, no response yet to Soleimani killing
|SC Magazine US – Feb 27 2020 13:28
|Iranian cyberespionage operations are continuing at a steady pace, but so far no reaction has been spotted in response to the January U.S. drone strike that killed Iranian Gen. Qasem Soleimani. Almost two months has passed since the Jan. 2, 2020…
|A Wade Through The COVID-19 Disinformation On The Internet
|Krypt3ia – Feb 27 2020 20:47
|…
|Cyber-wrath of Iran for top general’s assassination hasn’t progressed beyond snooping and nicking logins… yet
|ste williams – Feb 27 2020 20:11
|The Iranian cybercrime group that was expected to spearhead the rogue Middle East nation’s revenge for the US assassination of General Qasem Soleimani has quite the arsenal at its digital fingertips. Infosec researchers from Secureworks said…
|Malware
|How Much Money Did WannaCry Make? WannaCry was the fastest spreading ransomware ever created.
|Reverse Engineering – Feb 28 2020 07:05
|submitted by /u/Samiullah878778 [link]…
|Chrome 80 encryption change blocks AZORult password stealer
|ste williams – Feb 27 2020 14:11
|Evidence is emerging that a barely noticed change made to Chrome 80, released on 4 February, might have disrupted the hugely successful data and user profile stealing malware AZORult. AZORult first appeared in 2016, since then it has been used to…
|Lampion malware origin servers geolocated in Turkey
|Security Affairs – Feb 27 2020 18:57
|After three months from the first detection, the Lampion origin was identified. A webserver named “portaldasfinancas” is available in Turkey and has been used to spread the threat in Portugal. …
|Roaming Mantis, part V
|Kaspersky Lab – Feb 27 2020 14:00
|…
|Vulnerabilities
|Cisco Patches Flaws in FXOS, UCS Manager and NX-OS Software
|Security Week – Feb 27 2020 15:32
|Cisco on Wednesday released patches for 11 vulnerabilities in its products, including multiple flaws that impact Cisco UCS Manager, FXOS, and NX-OS software. The most important of the bugs is a high severity flaw in FXOS and NX-OS that could allow an…
|Threat actors scan Internet for Vulnerable Microsoft Exchange Servers
|Security Affairs – Feb 27 2020 08:05
|Experts warn that hackers are actively scanning the Internet for Microsoft Exchange Servers vulnerable in the attempt to exploit the CVE-2020-0688 RCE. Hackers are actively scanning the Internet for …
|Hackers Looking for Exchange Servers Affected by Recently Patched Flaw
|Security Week – Feb 27 2020 15:07
|Hackers have started scanning the Internet for Microsoft Exchange Server instances that are affected by a remote code execution vulnerability. Tracked as CVE-2020-0688, the security flaw exists when the server fails to properly create unique…
|Site Takeover Campaign Exploits Multiple Zero-Day Vulnerabilities
|Wordfence – RSS – Feb 27 2020 21:33
|Early yesterday, the Flexible Checkout Fields for WooCommerce plugin received a…
|Ongoing Campaigns
|Iran maintaining on-going cyber efforts, no response yet to Soleimani killing
|SC Magazine US – Feb 27 2020 13:28
|#RSAC: How The FBI Caught Voice Phishing (Vishing) Scammers
|Infosecurity – Latest News – Feb 27 2020 19:18
|Criminals are using a combination of server exploitation, email, and voice calls to execute voice phishing attacks, often referred to as vishing. In a session at the …
|What is a cyber attack? Recent examples show disturbing trends
|CSO Magazine – Feb 27 2020 11:29
|Cyber attack definition Simply put, a cyber attack is an attack launched from one or more computers against another computer, multiple computers or networks. Cyber attacks can be broken down into two broad types: attacks where the goal is to disable…
|Web Owners Ignore Alerts as Magecart Hits 40 More Sites
|Infosecurity – Latest News – Feb 27 2020 10:35
