05 January 2021

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
Phorpiex Malware 5 6
APT27 5 5
Lizard Squad 4 4
Mass Logger 4 4
Stuxnet 4 6
MuddyWater Group 3 4
Carbanak 3 3
DoppelPaymer Ransomware 6 9
Polar Ransomware 2 2
Derusbi Malware 2 3

Data Breaches

T-Mobile: Breach exposed call information for some customers
Cyberscoop – News – Jan 04 2021 14:42
T-Mobile says that it “recently identified and quickly shut down” a data breach that included call-related information about some accounts. The wireless telecommunication firm said in a notice mailed to some customers in late December that…

Microsoft Source Code Exposed: What We Know & What It Means
Dark Reading – Jan 04 2021 23:10
Microsoft says there is no increase in security risk; however, experts say access to source code could make some steps easier for attackers.

cybersecboardrm – Twitter – Jan 04 2021 23:57
Microsoft Source Code Exposed #Cybersecurity #security https://www.darkreading.com/threat-intelligence/microsoft-source-code-exposed-what-we-know-and-what-it-means/d/d-id/1339822

Securityblog – Twitter – Jan 04 2021 14:52
T-Mobile: Breach exposed call information for some customers – CyberScoop https://www.cyberscoop.com/tmobile-data-breach-december-2020/

Hacker Groups

The Evolution of the FIN7 JSSLoader
Morphisec – Blog – RSS – Jan 04 2021 15:00

What to Know About Lizard Squad and Those Wild Claims
Distractify – Jan 05 2021 02:15
In his tweets, Lin referenced a particular "Lizard Squad," claiming it was a group who had done the hacking to retrieve these supposed files. The truth is, the Lizard Squad is actually a known hacking group famous for many DDoS attacks. DDoS attacks,…

NaziSecurity – Twitter – Jan 04 2021 13:43
RT @r00tKomodo: Absolutely no member of Lizard Squad was involved in this conspiracy theory. Furthermore, Lizard Squad as a whole has never engaged in any government espionage. What are you smoking? #LizardSquad

ClipperChip – Twitter – Jan 05 2021 05:40
RT @JayLeidermanLaw: This former Trump lawyer Lin Wood is out of his skull if he thinks Lizard Squad has anything to do with some crazy QAnon conspiracy. The Lizard Squad has been defunct for years. I know, I represented the guy that Wikipedia said…

Malware

Stopping Serial Killer: Catching the Next Strike
Check Point Research – RSS – Jan 04 2021 10:08
Brief: When we look at a prevalent malware family, we give credit to its authors regarding the established malicious infrastructure. New malicious activity is flowing smoothly, command-and-control servers appear, everything works like Swiss watch….

sans_isc – Twitter – Jan 04 2021 14:45
Malware analysis – From small BAT file to Mass Logger infostealer https://isc.sans.edu/diary/26946 https://twitter.com/sans_isc/status/1346105504095993858/photo/1

Securityblog – Twitter – Jan 04 2021 15:53
Malvuln – Malware security vulnerability research, vulnerable malware analysis, malware vulnerability analysis, computer security, malware vulnerability threat intel, cyber security, malware security research, Malware 0day http://malvuln.com/

Vulnerabilities

CVEnew – Twitter – Jan 04 2021 22:45
CVE-2020-29492 Dell Wyse ThinOS 8.6 and prior versions contain an insecure default configuration vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to access the writable file and manipulate the… https://t.co/QNhZuKjGWE

Secnewsbytes – Twitter – Jan 05 2021 04:42
Google ReCaptcha flaw lets bots bypass audio captcha challenge https://www.hackread.com/google-recaptcha-flaw-lets-bots-bypass-audio-captcha-challenges/

Google ReCaptcha flaw lets bots bypass audio captcha challenge
HackRead – Jan 04 2021 21:02
By Sudais Asif
According to researchers, the idea of the attack is to grab the MP3 file of the audio reCAPTCHA and submit it to Google's own Speech to Text API.

CVEnew – Twitter – Jan 04 2021 22:45
CVE-2020-29491 Dell Wyse ThinOS 8.6 and prior versions contain an insecure default configuration vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to gain access to the sensitive information on the local… https://t.co/ADBvLhV5va

Ongoing Campaigns

Experts linked ransomware attacks to China-linked APT27
Security Affairs – Jan 05 2021 00:29
Researchers from security firms Profero and Security Joes linked a series of ransomware attacks to the China-linked APT27 group. Security researchers from security firms Profero and Security Joes investigated a series of ransomware attacks against…

Cache Poisoning Denial-of-Service Attack Techniques
Security Bloggers Network – Jan 04 2021 08:17
Attacks related to cache poisoning represent a clearly visible web security trend that has emerged in recent years. The security community continues to research this area, finding new ways to attack. As part of the recent release of Acunetix, we…

Over 250 Organizations Breached via SolarWinds Supply Chain Hack: Report
Security Week – Jan 04 2021 19:06
It is believed that the recently disclosed targeting Texas-based IT management solutions provider SolarWinds resulted in threat actors gaining access to the networks of more than 250 organizations, according to reports. reported over the weekend that…

SMS Phishing Campaign Targets PayPal Users With Fake Alerts
TechNadu – Jan 04 2021 12:03
A new smishing campaign sends fake “account limited” warnings to users of PayPal. The recipients are urged to click on the included URL, which takes them onto a phishing site. The site is no longer online, but the actors may very easily register a new…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
