Silensec Newsletter

Cloud based python RAT targeting Middle Eastern countries

Cloud based python RAT targeting Middle Eastern countries

Cisco Talos unveiled the details of a new RAT dubbed "JhoneRAT, that is dropped to the victims via malicious Microsoft Office documents.

The dropper, along with the Python RAT, attempts to gather information on the victim's machine and then uses multiple cloud services: Google Drive, Twitter, ImgBB and Google Forms.

The RAT attempts to download additional payloads and upload the information gathered during the reconnaissance phase.

Read more...

Russia Hacked Ukrainian Gas Firm in Trump Impeachment: US Cyber Firm

Russia Hacked Ukrainian Gas Firm in Trump Impeachment: US Cyber Firm

Russia's GRU spy agency launched a "phishing" attack in November to access the email of Burisma Holdings employees, California cyber firm Area 1 Security said in a report.

According to the report, the timing of the GRU's campaign in relation to the 2020 US elections raised the specter that this was an early warning of what has been anticipated since the successful cyberattacks undertaken during the 2016 US elections.

Read more...

DoorDash announces data breach affecting 4.9 million people

DoorDash announces data breach affecting 4.9 million people

DoorDash announced in a blog post that an "unauthorized third party" had accessed user data of approximately 4.9 million "consumers, Dashers, and merchants."

DoorDash said names, email addresses, delivery addresses, order histories, phone numbers, and hashed, salted passwords all “could” have been accessed.

However, it’s not clear what, if anything, might have been done with the data by the third party.

Read more...

Massive wave of account hijacks hits YouTube creators

Massive wave of account hijacks hits YouTube creatorsy

A massive wave of account hijacks has hit YouTube users, and especially creators in the auto-tuning and car review community.

Several high-profile accounts from the YouTube creators car community have fallen victim to these attacks already.

The list includes channels such as Built [Instagram post, YouTube channel] among others.

Read more...

Simjacker Exploits S@T Browser to Affect a Billion Users

Simjacker Exploits S@T Browser to Affect a Billion Users

Platform agnostic attack, Simjacker allows hackers to remotely exploit the victims' phone by sending a SMS which contains a malicious code; the code gives instructions to the universal integrated circuit card (UICC)/ SIM card placed inside the targeted device to retrieve and carry out sensitive commands.

The attack is set into motion as soon as the 'attack SMS' sent via another remote handset, is received by the targeted device. The process involves a series of SIM Toolkit (STK) directions particularly configured to be sent on to the SIM Card inside the victim's device.

Read more...

The Central Bank of Russia will fine banks for weak cyber defense

The Central Bank of Russia will fine banks for weak cyber defense

On September 12, 2019, it became known that the Central Bank has a new punishment for banks for poor cyber defense. The Central Bank launched a new feature for credit institutions, it will be the risk profile on the level of information security.

The risk profile will be formed on the basis of four characteristics, including the share of unauthorised card transactions and the bank's readiness to repel an attack.

Read more...