Channel: Silobreaker: All Posts

Cyber Alert – 24 June 2020

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact productinfo[at]silobreaker[dot]com for more information.

Heat - Trending Malware and Threat Actors

Name  Heat 1  Heat 7  Vol 1  Vol 7
Ryuk Ransomware  1721
LokiBot Trojan  3255
Trickbot Malware  2432
Fxmsp  77
Sodinokibi Ransomware  1625
XOR.DDoS  68
Kaiji Malware  69
Lazarus Group  627
Masad Stealer  45
GuLoader  67

Data Breaches

InfosecurityMag - Exposed Code in Contact Tracing Apps: Copycats and Worse https://t.co/ubVOdNPWGn [1]
InfosecurityMag - Twitter - Jun 23 2020 12:08 [2]
Exposed Code in Contact Tracing Apps: Copycats and Worse https://www.infosecurity-magazine.com/blogs/exposed-contact-tracing?utm_source=twitterfeed&utm_medium=twitter

cybersecboardrm - A daily average of 80,000 printers exposed online via IPP #Cybersecurity #security https://t.co/5SOUT2Ylvi [3]
cybersecboardrm - Twitter - Jun 23 2020 14:42 [4]
A daily average of 80,000 printers exposed online via IPP #Cybersecurity #security...

Exposed Code in Contact Tracing Apps: Copycats and Worse [5]
Infosecurity - Blog - Jun 23 2020 12:08 [6]
Exposed Code in Contact Tracing Apps: Copycats and Worse The global discussion surrounding contact tracing apps has long been about the pressing issue of privacy. When it comes to such sensitive information like one’s health condition,...

Secnewsbytes - A daily average of 80,000 printers exposed online via IPP Security Affairs https://t.co/SawP6g2SDm [7]
Secnewsbytes - Twitter - Jun 23 2020 16:55 [8]
A daily average of 80,000 printers exposed online via IPP Security Affairs https://securityaffairs.co/wordpress/105120/hacking/80000-printers-exposed-online-ipp.html

Hacker Groups

Fxmsp: the untold story of infamous seller of access to corporate networks who made at least USD 1.5 mln [9]
Group-IB - Jun 23 2020 16:39 [10]
Group-IB, a Singapore-based cybersecurity company, has issued a comprehensive report on Fxmsp — a heavyweight of the Russian-speaking cyber underground who made a name for himself selling access to corporate networks. Group-IB researchers analyzed...

Anonymous Hackers Target U.S. Police Again- No More Impunity [11]
CERT-EU - Latest Articles Ongoing Threats - RSS - Jun 24 2020 01:46 [12]
Facebook/Anonymous. Anonymous is back in the headlines with claims that another attack on a U.S. police website is linked to the hactivist group. In the weeks since Anonymous hackers threatened Minneapolis Police Department (MPD), that it would...

New Malware Attributed to North Korea’s Hidden Cobra/Lazarus Threat Group [13]
CERT-EU - Latest Articles Ongoing Threats - RSS - Jun 23 2020 19:00 [14]
Read the original article: New Malware Attributed to North Korea’s Hidden Cobra/Lazarus Threat Group On May 12th, 2020, the United States Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released...

ACSC Releases Advisory on Cyber Campaign using Copy-Paste Compromises [15]
CERT-EU - Latest Articles Ongoing Threats - RSS - Jun 23 2020 09:15 [16]
Original release date: June 22, 2020 The Australian Cyber Security Centre (ACSC) has released an advisory regarding an ongoing cyber campaign involving “copy-paste compromises” targeting Australian government and commercial networks. According to the...

Malware

Grandoreiro malware: what it is, how it works and how to prevent it | Malware spotlight [17]
Security Bloggers Network - Jun 23 2020 13:00 [18]
Introduction One of the few things that attracts the attention of malware researchers more than novel types of malware is malware that expands its attack horizon to new areas of the globe. Couple... Go on to the site to read the full...

InfoSecHotSpot - Sodinokibi Ransomware Now Scans Networks For PoS Systems Attackers are compromising large companies with the Cobalt… https://t.co/xetpSxnkjN [19]
InfoSecHotSpot - Twitter - Jun 23 2020 23:28 [20]
Sodinokibi Ransomware Now Scans Networks For PoS Systems Attackers are compromising large companies with the Cobalt Strike malware, and then deploying the Sodinokibi ransomware. https://bit.ly/3fUOdyy...

European victims refuse to bow to Thanos ransomware [21]
BleepingComputer.com - Jun 23 2020 21:17 [22]
A Thanos ransomware campaign targeting mid-level employees of multiple organizations from Austria, Switzerland, and Germany was met by the victims' refusal to pay the ransoms demanded to have their data decrypted. [...]

Ryuk ransomware deployed two weeks after Trickbot infection [23]
BleepingComputer.com - Jun 23 2020 09:49 [24]
Activity logs on a server used by the TrickBot trojan in post-compromise stages of an attack show that the actor takes an average of two weeks pivoting to valuable hosts on the network before deploying Ryuk ransomware. [...]

Vulnerabilities

BitDefender flaw allows hacking your phone or laptop remotely [25]
CERT-EU VulnerabilitiesApplications - Jun 23 2020 19:01 [26]
, which would put thousands of users at risk. “The incorrect input validation vulnerability in the Safepay browser component of BitDefender Total Security 2020 allows a specially crafted external web page to execute remote commands within the Safepay...

NA - CVE-2020-14940 - An issue was discovered in... [27]
CERT-EU VulnerabilitiesApplications - Jun 23 2020 16:09 [28]
An issue was discovered in io/gpx/GPXDocumentReader.java in TuxGuitar 1.5.4. It uses misconfigured XML parsers, leading to XXE while loading GP6 (.gpx) and GP7 (.gp) tablature files. COMPANY. Security-Database help your corporation foresee and avoid...

Fixing all vulnerabilities is unrealistic, you need to zero in on what matters [29]
Help Net Security - News - Jun 24 2020 03:30 [30]
As technology constantly advances, software development teams are bombarded with security alerts at an increasing rate. This has made it nearly impossible to remediate every vulnerability, rendering the ability to properly prioritize remediation...

CVEnew - CVE-2020-11068 In LoRaMac-node before 4.4.4, a reception buffer overflow can happen due to the received buffer size… https://t.co/dvNvlAIER8 [31]
CVEnew - Twitter - Jun 23 2020 17:45 [32]
CVE-2020-11068 In LoRaMac-node before 4.4.4, a reception buffer overflow can happen due to the received buffer size not being checked. This has been fixed in 4.4.4. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11068

Ongoing Campaigns

XORDDoS, Kaiji DDoS Botnets Target Docker Servers [33]
Security Week - Jun 23 2020 12:18 [34]
The distributed denial-of-service (DDoS) botnets named XORDDoS and Kaiji recently started targeting exposed Docker servers, Trend Micro warned on Monday. , also known as XOR.DDoS, has been around since 2014 and it has been targeting Linux systems. ,...

Brute-force attacks explained, and why they are on the rise [35]
CSO Magazine - Jun 23 2020 10:29 [36]
Brute-force attack definition A brute-force attack sees an attacker repeatedly and systematically submitting different usernames and passwords in an attempt to eventually guess credentials correctly. This simple but resources-intensive,...

Ryuk Ransomware Deployed Two Weeks After Initial Trickbot Infection [37]
Security Bloggers Network - Jun 23 2020 13:40 [38]
Several attack campaigns waited two weeks after achieving a successful Trickbot infection before they deployed Ryuk ransomware as their final payload. SentinelOne came across the attacks as the result of monitoring an attack server employed by...

EduardKovacs - The XORDDoS and Kaiji DDoS botnets have started targeting exposed Docker servers, Trend Micro warns. https://t.co/SYfJb6NMh8 [39]
EduardKovacs - Twitter - Jun 23 2020 12:25 [40]
The XORDDoS and Kaiji DDoS botnets have started targeting exposed Docker servers, Trend Micro warns. https://www.securityweek.com/xorddos-kaiji-ddos-botnets-target-docker-servers

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
[1] https://twitter.com/InfosecurityMag/status/1275400334819688448
[2] https://twitter.com/InfosecurityMag/status/1275400334819688448
[3] https://twitter.com/cybersecboardrm/status/1275439139077292034
[4] https://twitter.com/cybersecboardrm/status/1275439139077292034
[5] https://www.infosecurity-magazine.com:443/blogs/exposed-contact-tracing/
[6] https://www.infosecurity-magazine.com:443/blogs/exposed-contact-tracing/
[7] https://twitter.com/Secnewsbytes/status/1275472531965829121
[8] https://twitter.com/Secnewsbytes/status/1275472531965829121
[9] https://www.group-ib.com/media/fxmsp/
[10] https://www.group-ib.com/media/fxmsp/
[11] https://www.forbes.com/sites/zakdoffman/2020/06/15/anonymous-hackers-just-targeted-us-police-again-no-more-impunity/
[12] https://www.forbes.com/sites/zakdoffman/2020/06/15/anonymous-hackers-just-targeted-us-police-again-no-more-impunity/
[13] https://www.itsecuritynews.info/new-malware-attributed-to-north-koreas-hidden-cobra-lazarus-threat-group/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+ItSecurityNewsAggregated+%28IT+Security+News%29
[14] https://www.itsecuritynews.info/new-malware-attributed-to-north-koreas-hidden-cobra-lazarus-threat-group/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+ItSecurityNewsAggregated+%28IT+Security+News%29
[15] https://www.kashifali.ca/2020/06/22/acsc-releases-advisory-on-cyber-campaign-using-copy-paste-compromises/
[16] https://www.kashifali.ca/2020/06/22/acsc-releases-advisory-on-cyber-campaign-using-copy-paste-compromises/
[17] http://feedproxy.google.com/~r/SecurityBloggersNetwork/~3/o8oROvSa5YU/
[18] http://feedproxy.google.com/~r/SecurityBloggersNetwork/~3/o8oROvSa5YU/
[19] https://twitter.com/InfoSecHotSpot/status/1275571515002585088
[20] https://twitter.com/InfoSecHotSpot/status/1275571515002585088
[21] https://www.bleepingcomputer.com/news/security/european-victims-refuse-to-bow-to-thanos-ransomware/
[22] https://www.bleepingcomputer.com/news/security/european-victims-refuse-to-bow-to-thanos-ransomware/
[23] https://www.bleepingcomputer.com/news/security/ryuk-ransomware-deployed-two-weeks-after-trickbot-infection/
[24] https://www.bleepingcomputer.com/news/security/ryuk-ransomware-deployed-two-weeks-after-trickbot-infection/
[25] https://www.securitynewspaper.com/2020/06/23/bitdefender-flaw-allows-hacking-your-phone-or-laptop-remotely/
[26] https://www.securitynewspaper.com/2020/06/23/bitdefender-flaw-allows-hacking-your-phone-or-laptop-remotely/
[27] https://www.security-database.com/detail.php?alert=CVE-2020-14940&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Last100Alerts+%28Security-Database+Alerts+Monitor+%3A+Last+100+Alerts%29
[28] https://www.security-database.com/detail.php?alert=CVE-2020-14940&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Last100Alerts+%28Security-Database+Alerts+Monitor+%3A+Last+100+Alerts%29
[29] http://feedproxy.google.com/~r/HelpNetSecurity/~3/se6nRkmJEdg/
[30] http://feedproxy.google.com/~r/HelpNetSecurity/~3/se6nRkmJEdg/
[31] https://twitter.com/CVEnew/status/1275485068484632578
[32] https://twitter.com/CVEnew/status/1275485068484632578
[33] https://www.securityweek.com/xorddos-kaiji-ddos-botnets-target-docker-servers
[34] https://www.securityweek.com/xorddos-kaiji-ddos-botnets-target-docker-servers
[35] https://www.csoonline.com/article/3563352/brute-force-attacks-explained-and-why-they-are-on-the-rise.html#tk.rss_all
[36] https://www.csoonline.com/article/3563352/brute-force-attacks-explained-and-why-they-are-on-the-rise.html#tk.rss_all
[37] http://feedproxy.google.com/~r/SecurityBloggersNetwork/~3/mxc8Lqr0zgk/
[38] http://feedproxy.google.com/~r/SecurityBloggersNetwork/~3/mxc8Lqr0zgk/
[39] https://twitter.com/EduardKovacs/status/1275404628239269889
[40] https://twitter.com/EduardKovacs/status/1275404628239269889
