03 May 2021

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
EYE Malware 1 1
Pay2Key Ransomware 1 1
WeSupply Crypto Stealer 1 1
ComplexCodes 1 2
Zodiac Crypto Stealer 1 2
Spartan Crypter 1 2
TA428 1 5
WeControl RAT 1 5
Karma Panda 1 5
RoyalRoad 1 7
Data Breaches
“Another team looked at the children of people assigned to the Chernobyl cleanup and found that the damage seems to be limited to those exposed rather than being passed down.” hxxps://trib[.]al/WGeuTASarstechnica – Twitter – May 03 2021 02:22"Another team looked at the children of people assigned to the Chernobyl cleanup and found that the damage seems to be limited to those exposed rather than being passed down." hxxps://trib[.]al/WGeuTAS
@TNLUK @scroall72 It sounds like the nuance here is that the interfaces exposed to operators don’t expose the passwords but the underlying storage construct probably does. Without evidence to the contrary, that sounds like a reasonable conclusion.troyhunt – Twitter – May 02 2021 11:46@TNLUK @scroall72 It sounds like the nuance here is that the interfaces exposed to operators don’t expose the passwords but the underlying storage construct probably does. Without evidence to the contrary, that sounds like a reasonable conclusion.
TurgenSec finds 345,000 files from Filipino solicitor-general’s office were breachedZDNet Security – May 03 2021 02:45Sensitive documents from the solicitor-general of the Philippines, including information on ongoing legal cases and passwords, were breached and made publicly available online, the UK security firm has said.
GitHub – p3hndrx/B-B-Shuffle: Dashboard for conducting Backdoors and Breaches sessions over Zoom. hxxps://github[.]com/p3hndrx/B-B-ShuffleSecurityblog – Twitter – May 02 2021 15:31GitHub – p3hndrx/B-B-Shuffle: Dashboard for conducting Backdoors and Breaches sessions over Zoom. hxxps://github[.]com/p3hndrx/B-B-Shuffle
Hacker Groups
The Anonymous Indonesia News Daily is out! hxxps://paper[.]li/anon_indonesia/1435572762?edition_id=fe696220-abbd-11eb-8723-fa163e6ccaff Stories via @liputan6dotcom #hacking #teslaanon_indonesia – Twitter – May 03 2021 03:16The Anonymous Indonesia News Daily is out! hxxps://paper[.]li/anon_indonesia/1435572762?edition_id=fe696220-abbd-11eb-8723-fa163e6ccaff Stories via @liputan6dotcom #hacking #tesla
Malware
Babuk Quits Ransomware Encryption, Focuses on Data-Theft ExtortionE Hacking News – May 02 2021 11:43The Babuk ransomware group has decided to close the affiliate program and switch to an extortion model that does not rely on encrypting victim computers, according to a new message sent out today by the gang. The clarification comes after the group…
WeSteal, a shameless commodity cryptocurrency stealer available for saleSecurity Affairs – May 02 2021 16:00The bold author of a new cryptocurrency stealer, dubbed WeSteal, is promising its customers a leading way to make money in 2021. A new cryptocurrency stealer dubbed WeSteal is available on the cybercrime underground, unlike other commodity…
Ransomware Reality Shock: 92% Who Pay Don’t Get Their Data BackForbes – Cybersecurity RSS – May 02 2021 10:00New ransomware research reveals that you really can't trust a criminal.
Vulnerabilities
New Spectre vulnerabilities discovered on Intel and AMD processorsSiliconANGLE – May 03 2021 00:05Spectre, a chip vulnerability first discovered in 2018 that subsequently came to involve more vulnerabilities that year is back with researchers discovering new variants that affect all modern processors. Detailed by researchers from the University of…
Microsoft Discovered Several Security Flaws in IoT Operating SystemsE Hacking News – May 02 2021 14:53Security researchers at Microsoft recently uncovered a series of critical memory allocation vulnerabilities in the Internet of Things (IoT). Microsoft researchers said that they have discovered about 25 undocumented critical memory-allocation…
RT @keithyperss: CVE-2021-25374 : Samsung Account Access Script
hxxps://github[.]com/FSecureLABS/CVE-2021-25374_Samsung-Account-Access
Securityblog – Twitter – May 02 2021 15:35RT @keithyperss: CVE-2021-25374 : Samsung Account Access Script
hxxps://github[.]com/FSecureLABS/CVE-2021-25374_Samsung-Account-Access
RT @dev_talk: Ruby: CVE-2021-31799: A command injection vulnerability in RDoc hxxps://forum[.]devtalk[.]com/t/9264 #rubylang #devtalkSecurityblog – Twitter – May 02 2021 15:35RT @dev_talk: Ruby: CVE-2021-31799: A command injection vulnerability in RDoc hxxps://forum[.]devtalk[.]com/t/9264 #rubylang #devtalk
Ongoing Campaigns
Chinese APT Actors Attack Russian Defense In An Espionage AttackE Hacking News – May 02 2021 16:28An earlier anonymous backdoor malware, called PortDoor, is probably being used by Chinese APT (advanced persistent threat) hackers to attack Russian defense system, according to reports. Cybersecurity firm 'Cybereason Nocturnus' looked into hackers…
DDoS attackers stick to their target even if they are unsuccessfulHelp Net Security – News – May 03 2021 05:00Link11 has released its DDoS report for Q1 2021 which revealed the number of DDoS attacks continued to grow. Between January and March, more than double the number of attacks than the same period in the previous year were recorded. This suggest…
Security Affairs newsletter Round 312Security Affairs – May 02 2021 13:32A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box….
Security researcher @alxbrsn unveiled a new supply chain attack vector earlier this year: dependency confusion.

Learn how it works and how it could expose your #business to potential cyber-attack risk. hxxps://okt[.]to/a61jYKImperva – Twitter – May 02 2021 18:55Security researcher @alxbrsn unveiled a new supply chain attack vector earlier this year: dependency confusion.

Learn how it works and how it could expose your #business to potential cyber-attack risk. hxxps://okt[.]to/a61jYK

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.

Silobreaker's Daily Cyber Alert

Sign up for the latest news on data breaches, hacker groups, malware and vulnerabilities.

Silobreaker
This website uses cookies.
See our privacy policy at www.silobreaker.com/legal