03 April 2021

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
APT35 5 19
Hancitor 3 10
Phorpiex Malware 2 2
Kinsing Malware 2 2
LokiBot Trojan 2 4
Sarbloh Ransomware 2 2
HelloKitty Ransomware 2 3
Ecipekac 2 21
Ramnit 1 1
ArtraDownloader 1 1
Data Breaches

Does anyone have the link to the 8fit data leak from 2019
blackhat library – Apr 02 2021 09:51
Looking for a link to download it submitted by /u/Crispy_Potato_Chip [link]…

Capital One notifies more clients of SSNs exposed in 2019 data breach
BleepingComputer.com – Apr 02 2021 15:46
US bank Capital One notified additional customers that their Social Security numbers were exposed in a data breach announced in July 2019. […]

Capital One notifies more clients of SSNs exposed in 2019 data breach hxxps://www[.]bleepingcomputer[.]com/news/security/capital-one-notifies-more-clients-of-ssns-exposed-in-2019-data-breach/
Dinosn – Twitter – Apr 02 2021 17:46

Capital One notifies more clients of SSNs exposed in 2019 data breach – @serghei hxxps://www[.]bleepingcomputer[.]com/news/security/capital-one-notifies-more-clients-of-ssns-exposed-in-2019-data-breach/
BleepinComputer – Twitter – Apr 02 2021 15:46

Hacker Groups

The Anonymous Indonesia News Daily is out! hxxps://paper[.]li/anon_indonesia/1435572762?edition_id=fb975bb0-942a-11eb-babe-fa163e6ccaff #ransomware #usa
anon_indonesia – Twitter – Apr 03 2021 03:16

RT @nigroeneveld: Suspected Chinese Group Calypso APT Exploiting Vulnerable Microsoft Exchange Servers hxxps://www[.]recordedfuture[.]com/chinese-group-calypso-exploiting-microsoft-exchange/
InfosecNewsBot – Twitter – Apr 02 2021 21:59

COVID-19 phishing might be Goblin Panda. Ubiquiti confirms extortion attempt. More universities hit by Accellion compromise.
The CyberWire – Apr 02 2021 16:06
DomainTools has a rundown on how threat actors continue to use COVID-19-themed phishing against a wide range of targets. They’re following one campaign which delivers “a decoy document to the user which leverages a signed binary and a modified DLL to…

RT @nigroeneveld: Malicious Life Podcast: Inside the HAFNIUM Microsoft Exchange Attacks hxxps://www[.]cybereason[.]com/blog/malicious-life-podcast-bside-hafnium
InfosecNewsBot – Twitter – Apr 02 2021 22:25

Malware

RT @nigroeneveld: Kinsing: The Malware with Two Faces hxxps://www[.]cyberark[.]com/resources/threat-research-blog/kinsing-the-malware-with-two-faces
InfosecNewsBot – Twitter – Apr 02 2021 21:26

Asteelflash electronics maker hit by REvil ransomware attack
BleepingComputer.com – Apr 02 2021 18:17
Asteelflash, a leading French electronics manufacturing services company, has suffered a cyberattack by the REvil ransomware gang who is demanding a $24 million ransom. […]

RT @nigroeneveld: Updates on Quickly-Evolving ThiefQuest macOS Malware hxxps://www[.]trendmicro[.]com/en_us/research/20/g/updates-on-quickly-evolving-thiefquest-macos-malware.html
InfosecNewsBot – Twitter – Apr 02 2021 22:50

Asteelflash electronics maker hit by REvil ransomware attack hxxps://www[.]bleepingcomputer[.]com/news/security/asteelflash-electronics-maker-hit-by-revil-ransomware-attack/
Dinosn – Twitter – Apr 02 2021 18:45

Vulnerabilities

Security Flaws & Fixes – W/E – 4/2/21
Tech-Wreck InfoSec Blog – Apr 02 2021 12:14
CISA Orders New Scans for Government MS Exchange Servers (03/31/2021) The US Cybersecurity and Infrastructure Security Agency (CISA) has issued deadlines for federal…

Nine Critical Flaws in FactoryTalk Product Pose Serious Risk to Industrial Firms hxxps://www[.]securityweek[.]com/nine-critical-flaws-factorytalk-product-pose-serious-risk-industrial-firms #ICS
SecurityWeek – Twitter – Apr 02 2021 12:43

Nine Critical Flaws in FactoryTalk Product Pose Serious Risk to Industrial Firms
Security Week – Apr 02 2021 13:06
Industrial automation giant Rockwell Automation on Thursday informed customers that it has patched nine critical vulnerabilities in its FactoryTalk AssetCentre product. The vulnerabilities were discovered by researchers at industrial cybersecurity…

@serghei Fortinet sent the following statement, urging customers to upgrade and apply mitigations for CVE-2018-13379, CVE-2020-12812, and CVE-2019-5591. hxxps://twitter[.]com/BleepinComputer/status/1378078026475393024/photo/1
BleepinComputer – Twitter – Apr 02 2021 20:12

Ongoing Campaigns

Conti ransomware gang hits Broward County Schools with $40M demand
SC Magazine US – Apr 02 2021 21:44
Coral Glades High School, part of Broward County Public Schools. The $40 million ransomware attack on the district was one of a wave of cases targeting educational institutions over the last couple of weeks. (Formulanone, Public domain, via Wikimedia…

Gambling Company hit with DDoS attack Already, DDoS attacks have set a new record and taken the extortion trend that started in August 2020 to the next level. Akamai, an internet security company has already reported the largest known DDoS (RDDoS) atta… hxxps://bit[.]ly/3sKrgVy hxxps://twitter[.]com/InfoSecHotSpot/status/1378039854060220422/photo/1
InfoSecHotSpot – Twitter – Apr 02 2021 17:41

Financial Sector Remains Most Targeted by Threat Actors: IBM
Security Week – Apr 02 2021 13:06
Organizations in the financial and insurance sectors were the most targeted by threat actors in 2020, continuing a trend that was first observed roughly five years ago, IBM Security reports. Manufacturing and energy became the second and third most…

RT @nigroeneveld: Don’t Drink from That! Gootloader Watering Hole Leads to REvil Attack hxxps://www[.]areteir[.]com/dont-drink-from-that-gootloader-watering-hole-leads-to-revil-attacks/
InfosecNewsBot – Twitter – Apr 02 2021 21:52

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
