02 April 2021

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
Hancitor 7 8
Ragnarok Ransomware 4 4
QakBot 3 8
Zeppelin Ransomware 2 3
KeyBase Malware 2 3
Lazarus Group 3 12
IcedID Trojan 4 35
RedEcho 2 17
VoidCrypt Ransomware 1 1
RevCode 1 1

Data Breaches
Over 100 million MobiKwik user data leaked in Cyber Attack #CyberAttack #cybersecurity #security hxxps://www[.]cybersecurity-insiders[.]com/over-100-million-mobikwik-user-data-leaked-in-cyber-attack/
cybersecboardrm – Twitter – Apr 01 2021 10:24

After obtaining login credentials, scammers were able to access the personal details of over 4100 customers. Credit card details on 283 customers were also exposed, and in 97 cases the security (CVV) code was compromised >> hxxps://bit[.]ly/3rFegPx
InfosecurityMag – Twitter – Apr 01 2021 13:20

hxxp://Booking[.]com Fined $558,000 for Late Breach Notification hxxps://www[.]infosecurity-magazine[.]com/news/bookingcom-fined-558k-for-late?utm_source=twitterfeed&utm_medium=twitter
InfosecurityMag – Twitter – Apr 01 2021 11:30

Hacker Groups
Cyber-Partisans Leaked Dzmitry Baskau’s Email to the Network
Charter 97 – Apr 01 2021 13:19
The leak of the usurper's accomplices continues. Cyber-partisans have posted in the public domain the e-mail of the dictator's friend and participant in the murder of Raman Bandarenka, Dzmitry Baskau, according to the telegram channel…

APT Charming Kitten Pounces on Medical Researchers
OODA Loop – Apr 01 2021 13:35
Researchers have found that the advanced persistent threat group with known links to Iran called Charming Kitten has been targeting genetic, neurology, and oncology professionals in a credential-stealing campaign. Security researchers have linked the…

Bahamut Possibly Responsible for Multi-Stage Infection Chain Campaign
ThreatStream Blog – Apr 01 2021 06:52
Authored by: Gage Mele, Tara Gould, Winston Marydasan, and Yury Polozov. Key Findings: Anomali Threat Research discovered cyberthreat actors distributing malicious documents exploiting a vulnerability (CVE-2017-8570) during a multi-stage infection…

RT @CrowdStrike: On our Adversary Universe website, learn about DEADEYE JACKAL, the Syria-based hacker group also known as the Syrian Electronic Army: hxxps://bit[.]ly/3tSn0nA #CSAdversaryUniverse
security4all – Twitter – Apr 01 2021 12:22

Malware
2021-04-01 – Quick post: IcedID (Bokbot) activity
Malware-Traffic-Analysis.net – Blog Entries – Apr 02 2021 02:21

Useful stuff…
(Only a little change I would recommend compared to that tweet: instead of 2*Qakbot and 0*TrickBot, I would recommend 1*Qakbot and 1*TrickBot. Much better this way…
😂)
malwrhunterteam – Twitter – Apr 01 2021 13:54

Ragnarok Ransomware Hits Boggi Milano Menswear The ransomware gang exfiltrated 40 gigabytes of data from the fashion house, including HR and salary details. hxxps://bit[.]ly/3dsKTLm hxxps://twitter[.]com/InfoSecHotSpot/status/1377692829900767233/photo/1
InfoSecHotSpot – Twitter – Apr 01 2021 18:42

Hades Ransomware and Hafnium Hacker Group – Peas from the Same Pod?
Cyware – Apr 01 2021 20:28
Hades ransomware has lately been in the daily news and created devastation in its wake. And, we already know about Hafnium from the most recent attacks on Microsoft Exchange Servers. Can these two be related? Experts surmise. The scoop Researchers…

Vulnerabilities
CVE-2021-3447 A flaw was found in several ansible modules, where parameters containing credentials, such as secrets, were being logged in plain-text on managed nodes, as well as being made visible on the controller node when run in verbose mode. These p… hxxps://cve[.]mitre[.]org/cgi-bin/cvename.cgi?name=CVE-2021-3447
CVEnew – Twitter – Apr 01 2021 18:45

Piger Fabrica Crypto flaw found
Medium Cybersecurity – RSS – Apr 01 2021 07:15

CVE-2021-20235 There’s a flaw in the zeromq server in versions before 4.3.3 in src/decoder_allocators.hpp. The decoder static allocator could have its size changed, but the buffer would remain the same as it is a static buffer. A remote, unauthenticate… hxxps://cve[.]mitre[.]org/cgi-bin/cvename.cgi?name=CVE-2021-20235
CVEnew – Twitter – Apr 01 2021 14:45

VMware Patches 2 Flaws in vRealize Operations
BankInfoSecurity – Apr 01 2021 16:11
If Exploited, Flaws Could Open Door to Theft of…

Ongoing Campaigns
What are phishing kits? Web components of phishing attacks explained
CSO Online News – Apr 01 2021 09:00
Editor's note: This article, originally published on August 7, 2018, has been updated to include new information on phishing kit features. Phishing is a social attack, directly related to …

Gambling Company hit with DDoS attack
IT Security Guru – Apr 01 2021 12:05
Akamai reports three of the six biggest DDoS attacks ever recorded. Already, DDoS attacks have set a new record and taken the extortion trend that started in August 2020 to the next level. Akamai, an internet security company, has already reported the…

Cyberextortion Threat Evolves as Clop Ransomware Attacked 6 U.S Universities Data Security
E Hacking News – Apr 01 2021 14:38
Malicious actors are now using novel ways to extract universities' data, and are threatening to share stolen data on dark websites unless universities pay them a lot of money. The current update reads that the Clop ransomware group claimed to have…

Legacy QNAP NAS Devices Vulnerable to Zero-Day Attack
Threatpost.com – Apr 01 2021 19:53
Some legacy models of QNAP network attached storage devices are vulnerable to remote unauthenticated attacks because of two unpatched vulnerabilities.

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
