03 February 2021

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.

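Heat – Trending Malware and Threat Actors

| Name | Heat 1 | Heat 7 | Vol 1 | Vol 7 |
|---|---|---|---|---|
| AgentTesla Keylogger | | | 26 | 26 |
| Stuxnet | | | 19 | 32 |
| BLM Ransomware | | | 6 | 6 |
| Trickbot Malware | | | 15 | 94 |
| Nefilim Ransomware | | | 4 | 12 |
| VashSorena Ransomware | | | 3 | 3 |
| LockBit Ransomware | | | 3 | 4 |
| Shamoon Virus | | | 3 | 3 |
| The Shadow Brokers | | | 3 | 3 |
| Dridex Malware | | | 4 | 19 |
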
Data Breaches

1.6 million Washington unemployment claims exposed in data breach
IT Security Guru – Feb 02 2021 12:05
The Office of the Washington State Auditor (SAO) has experienced a data breach which has resulted in the exposure of 1.6 million employment claims, and the sensitive personal information that they contain. The Washington SAO revealed that a threat…

Exposed Azure bucket leaked passports, IDs of volleyball reporters hxxps://www[.]bleepingcomputer[.]com/news/security/exposed-azure-bucket-leaked-passports-ids-of-volleyball-reporters/
Securityblog – Twitter – Feb 02 2021 14:06

Experts Advise After Personal Data Of 1.4 Million Washington Exposed
Information Security Buzz – Feb 02 2021 11:11
The personal unemployment claims data of at least 1.4 million Washingtonians may have been stolen in a hack of software used by the state auditor’s office, Auditor Pat McCarthy said…

Personal Data of 3 Million+ People Exposed In DriveSure Hack
Office of Inadequate Security – Feb 02 2021 12:59
Once again, breaches are discovered when security firms read forums where data are shared or posted for sale. Risk Based…

Hacker Groups

Mimecast: Detecting and Preventing a TA551 Email Spam Strike
MarketScreener.com – Feb 02 2021 15:27
TA551 email spam attacks are devious and very difficult to detect. Only in-depth analysis of the emails plus enhanced AV software has been able to defeat them. Key Points: Like a chameleon, a TA551 attack blends in with its surroundings, making it…

SMS Bandits owner arrested for carrying out large-scale phishing scams
Teiss – RSS – Feb 02 2021 20:23
An operator of SMS Bandits was arrested by Met Police for spoofing known brands in fake SMS messages to steal people's online credentials.

U.K. Arrest in ‘SMS Bandits’ Phishing Service hxxps://buff[.]ly/3algJbj
kmontenegro – Twitter – Feb 02 2021 20:19

On the SANS ISC blog, @xme analyses the macro from a TA551/Shathak case, delivering Qakbot malware hxxps://isc[.]sans[.]edu/forums/diary/New+Example+of+XSL+Script+Processing+aka+Mitre+T1220/27056/
virusbtn – Twitter – Feb 02 2021 17:13

Malware

Ransomware Newcomers Include Pay2Key, RansomEXX, Everest
BankInfoSecurity – Feb 02 2021 17:11
Maze May Have Exited, But Fresh Gangs…

Vovalex is likely the first ransomware written in D https://www.bleepingcomputer.com/news/security/vovalex-is-likely-the-first-ransomware-written-in-d/
Secnewsbytes – Twitter – Feb 02 2021 08:00

Excel spreadsheets push SystemBC malware, (Wed, Feb 3rd)
SANS Internet Storm Center, InfoCON: green – Feb 03 2021 02:59
Introduction On Monday 2021-02-01, a fellow researcher posted an Excel spreadsheet to the Hatching Triage sandbox. This Excel spreadsheet has a malicious macro, and it uses an updated…

Ransomware gangs made at least $350 million in 2020
ZDNet Security – Feb 02 2021 15:48
The figure represents a 311% increase over ransomware payments recorded the previous year, in 2019.

Vulnerabilities

SonicWall Confirms Zero-Day Flaw Affects Certain Products
Bank Info Security – Feb 02 2021 16:56
Researchers Spot Exploits in the Wild; Company Developing Patch SonicWall has confirmed that a zero-day vulnerability is affecting its Secure Mobile Access, or SMA, gateway product line, and the company is developing a patch to address the issue…

US federal payroll agency hacked using SolarWinds software flaw
BleepingComputer.com – Feb 02 2021 21:39
The FBI has discovered that the National Finance Center (NFC), a U.S. Department of Agriculture (USDA) federal payroll agency, was compromised by exploiting a SolarWinds Orion software flaw, according to a Reuters report. […]

US federal payroll agency hacked using SolarWinds software flaw – @serghei hxxps://www[.]bleepingcomputer[.]com/news/security/us-federal-payroll-agency-hacked-using-solarwinds-software-flaw/
BleepinComputer – Twitter – Feb 02 2021 21:39

Ransomware operators exploit VMWare ESXi flaws to encrypt disks of VMs
Security Affairs – Feb 02 2021 10:21
Ransomware operators are exploiting two VMWare ESXi vulnerabilities, CVE-2019-5544 and CVE-2020-3992, to encrypt virtual hard disks. Security experts are warning of ransomware attacks exploiting two VMWare ESXi vulnerabilities, …

Ongoing Campaigns

Understanding Clickjacking and How to Prevent It
TechNadu – Feb 02 2021 09:18
The word clickjacking is a portmanteau of the words click and hijack. As the name suggests, clickjacking is the act of taking a user’s legitimate click and using it for malicious purposes. The end result is that what you think you’re clicking on is…

Apple Issues Patches for NAT Slipstreaming 2.0 Attack
Security Week – Feb 02 2021 12:08
Apple this week released security updates to address multiple vulnerabilities in macOS and Safari, including a flaw that can be exploited for the recently disclosed . As part of the attack, an adversary could set up a crafted website and lure the…

What Did NSA Do to Help Prevent Supply Chain Attacks?
Data Breach Today – Feb 02 2021 22:07
Lawmakers Probe Why Juniper Breach Didn’t Lead to Actions to Help Prevent SolarWinds Hack In light of the recent SolarWinds supply chain hack on government agencies and others, 10 Democratic lawmakers are asking the National Security Agency to explain…

In the Shadow of Sunburst: Hunting for Firmware Persistence in the Context of Supply Chain Attack IR
Security Bloggers Network – Feb 02 2021 18:12
In the wake of the Sunburst attack, IR and threat hunting are more important than ever, and firmware should be a key part of these efforts. As organizations continue to uncover the magnitude of these events, it is time to…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
