02 May 2021

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user.

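Heat – Trending Malware and Threat Actors

| Name | Heat 1 | Heat 7 | Vol 1 | Vol 7 |
|---|---|---|---|---|
| WeSteal | | | 5 | 18 |
| SombRAT | | | 5 | 21 |
| UNC2447 | | | 5 | 23 |
| Hermes Ransomware | | | 3 | 3 |
| MuddyWater Group | | | 2 | 4 |
| AgeLocker Ransomware | | | 2 | 9 |
| Babuk Locker | | | 6 | 85 |
| QSnatch Malware | | | 1 | 1 |
| UnityMiner | | | 1 | 1 |
| Dovecat | | | 1 | 1 |
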
Data Breaches

Ph: 345,000 sensitive legal documents from the PH government have been exposed online
Office of Inadequate Security – May 01 2021 13:11
Vittoria Elliott reports: For at least two months, some 345,000 sensitive court documents from the Office of the Solicitor…

British Prime Minister’s Cell Phone Number Exposed hxxp://dlvr[.]it/Ryqj9V hxxps://twitter[.]com/InfosecurityMag/status/1388467386345349120/photo/1
InfosecurityMag – Twitter – May 01 2021 12:16

Dutch Government Pauses Coronavirus App Over Data Leak Fears hxxps://www[.]securityweek[.]com/dutch-government-pauses-coronavirus-app-over-data-leak-fears
SecurityWeek – Twitter – May 01 2021 10:20

RT @doctorow: The nonconsensually compiled dossiers of personal information that @experian_us assembled on the entire population of the USA may currently be exposed via dozens, perhaps hundreds, of sites, thanks to a grossly negligent security defect in Experian’s API. 1/ hxxps://twitter[.]com/doctorow/status/1388170074305929218/photo/1
abaranov – Twitter – May 01 2021 23:12

Hacker Groups

MuddyWater: Binder Project (Part 1) hxxps://marcoramilli[.]com/2021/05/01/muddywater-binder-project-part-1/ by @Marco_Ramilli
Dinosn – Twitter – May 01 2021 07:41

Ghostwriter Update: Cyber Espionage Group UNC1151 Likely Conducts Ghostwriter Influence Activity hxxp://fuhs[.]eu/1e2c
Hfuhs – Twitter – May 01 2021 12:48

UNC2447 SOMBRAT and FIVEHANDS Ransomware: A Sophisticated Financial Threat hxxp://fuhs[.]eu/1e2f
Hfuhs – Twitter – May 01 2021 21:46

The Anonymous Indonesia News Daily is out! hxxps://paper[.]li/anon_indonesia/1435572762?edition_id=cdd2f9b0-aaf4-11eb-8723-fa163e6ccaff Stories via @binance @Phemex_official #jakpost #phemex
anon_indonesia – Twitter – May 02 2021 03:16

Malware

Babuk – A Growing Ransomware Threat
Cyware – May 01 2021 20:29
Babuk ransomware gang, which was discovered at the beginning of 2021, is known to target multiple sectors such as healthcare, manufacturing, and logistics. It has been very active recently and is demanding thousands of dollars in ransom from its…

Deep Dive Malware Analysis Of Hermes Ransomware Pt 1 – Unpacking
Reverse Engineering – May 01 2021 12:00
submitted by /u/AGDCservices

Deep Dive Malware Analysis Of Hermes Ransomware Pt 1 – Unpacking hxxps://www[.]reddit[.]com/r/ReverseEngineering/comments/n2gz4c/deep_dive_malware_analysis_of_hermes_ransomware/
Dinosn – Twitter – May 01 2021 18:54

WeSteal and WeControl are two new pieces of commodity malware marketed by their creators as a path to easy money. Read our analysis of the malware and how to protect against it. hxxps://bit[.]ly/3nChbIw hxxps://twitter[.]com/Unit42_Intel/status/1388426976864649216/photo/1
Unit42_Intel – Twitter – May 01 2021 09:36

Vulnerabilities

Flaws in the BIND software expose DNS servers to attacks
Security Affairs – May 01 2021 14:14
The Internet Systems Consortium (ISC) released updates for the BIND DNS software to patch several denial-of-service (DoS) and potential RCE flaws. The Internet Systems Consortium (ISC) has released security updates for the BIND DNS software to…

#Microsoft warns of #BadAlloc flaws in #OT, #IoT devices hxxps://securityaffairs[.]co/wordpress/117372/iot/badalloc-vulnerabilities-ot-iot.html #securityaffairs #hacking
securityaffairs – Twitter – May 01 2021 09:48

Command injection flaw in #PHP #Composer allowed supply-chain attacks hxxps://securityaffairs[.]co/wordpress/117366/security/php-composer-flaw.html #securityaffairs #hacking
securityaffairs – Twitter – May 01 2021 09:48

Flaws in the #BIND software expose #DNS servers to attacks. hxxps://securityaffairs[.]co/wordpress/117414/security/bind-dns-servers-flaws.html #securityaffairs #hacking #malware
securityaffairs – Twitter – May 01 2021 14:20

Ongoing Campaigns

Gafgyt Learns from Mirai Botnet
Cyware – May 01 2021 20:29
Just a month back, a new variant of the Gafgyt (Bashlite) botnet was spotted. Now, several other variants of the malware have been discovered. What’s the update? Upon examination of various codes, implementations, and techniques of Gafgyt, it was…

Babuk crew announced it will stop ransomware attacks
Security Affairs – May 01 2021 12:19
Babuk ransomware operators shut down their affiliate program and announced to stop using ransomware, the group plans to move on data theft. Recently the Babuk ransomware operators made the headlines for the ransomware attack against the …

Hackers Attack Apple Prior to Launch Event, Demand Ransom
E Hacking News – May 01 2021 15:08
On the day when Apple was ready to declare a new series of products at its Spring Load Event, there happened a leak from an unexpected quarter. The infamous cybercrime gang REvil took the responsibility for stealing data and schematics from Apple's…

The Return of Dridex Banking Trojan
Cyware – May 01 2021 20:29
Dridex is active again; it has returned with phishing attacks masquerading as QuickBooks invoices. This ongoing phishing campaign started on April 19, and it targets users of the accounting software to infect their devices. What has happened? The…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
