06 January 2021

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
APT27 10 16
Ryuk Ransomware 12 16
Egregor Ransomware 10 13
Sodinokibi Ransomware 7 9
EMOTET Trojan 15 50
Carbanak 5 8
JSSLoader RAT 4 6
Lizard Squad 4 8
Mass Logger 3 7
URSNIF 3 4
Data Breaches
Secnewsbytes – Facebook bug exposed identity of page admin using group doc feature https://t.co/ni5I7c15XD
Secnewsbytes – Twitter – Jan 06 2021 05:54
Facebook bug exposed identity of page admin using group doc feature https://www.hackread.com/bug-exposed-identity-of-facebook-page-admins/

Facebook bug exposed identity of page admin using group doc feature
HackRead – Jan 05 2021 13:52
The bug was reported to Facebook under its bug bounty program after which the researcher was awarded $5,000. Sometimes the greatest of threats lie in the simplest of vulnerabilities. Such is the case of a research report by researcher Shubham Bhamare…

Netanyahu Warns Iran About Pursuing Nuclear Bomb; “Palestinians Exposed: Hate in the Classroom”
Information Age – Jan 05 2021 10:23
1 The United Nations treats Palestinians differently from any other group, counting unlimited generations and even resettled people as “refugees.” This includes some 5 million people, who would otherwise not be defined as such according to the…

Secnewsbytes – Boris Johnson’s dithering over Covid-19 has left the UK fatally exposed – again https://t.co/6q7zwvcmqi
Secnewsbytes – Twitter – Jan 05 2021 12:09
Boris Johnson’s dithering over Covid-19 has left the UK fatally exposed – again https://www.newstatesman.com/politics/uk/2021/01/boris-johnson-s-dithering-over-covid-19-has-left-uk-fatally-exposed-again

Hacker Groups
virusbtn – New report links China’s APT27 group (Emissary Panda, LuckyMouse) to ransomware attacks https://t.co/bY0bMOeaKL https://t.co/0fzQ8ZxnaJ
virusbtn – Twitter – Jan 05 2021 15:19
New report links China's APT27 group (Emissary Panda, LuckyMouse) to ransomware attacks https://www.bleepingcomputer.com/news/security/chinas-apt-hackers-move-to-ransomware-attacks/ https://twitter.com/virusbtn/status/1346476304430845954/photo/1

Securityblog – RT @Arkbird_SOLG: #apt Without forget that reuse the same dll of google updater vulnerable to side-loading previously used by APT32 and reu…
Securityblog – Twitter – Jan 05 2021 16:02
RT @Arkbird_SOLG: #apt Without forget that reuse the same dll of google updater vulnerable to side-loading previously used by APT32 and reused by APT27 later. This match with APT27 on the way think….

Lizard Squad says it has nothing to do with Trump lawyer’s pedophilia claims
Office of Inadequate Security – Jan 05 2021 14:16
From the department of wackadoodle-news, we bring you this report from Mikael Thalen, who is not himself wackadoodle: A…

Major Gaming Companies Hit with Ransomware Linked to APT27
Threatpost.com – Jan 05 2021 15:26
Researchers say a recent attack targeting videogaming developers has 'strong links' to the infamous APT27 threat group.

Malware
Is $14M Pushing The Ransomware Business Model? Unfortunately, No…
Forbes – Cybersecurity RSS – Jan 05 2021 21:22
Ransomware demands are now approaching 1000 BTC: millions of dollars. There is no honor among thieves as they will come back again and again, and traditional defense options aren't going to save us. There are things we can do improve resilience, but…

Securityblog – RT @olihough86: just seen an email delivering Azorult, AsyncRAT, RevengeRAT all in one archive
Securityblog – Twitter – Jan 05 2021 15:44

Ryuk ransomware is the top threat for the healthcare sector
BleepingComputer.com – Jan 05 2021 12:10
Healthcare organizations continue to be a prime target for cyberattacks of all kinds, with ransomware incidents, Ryuk in particular, being more prevalent. […]

Researchers Unveil Technical Details About FIN7’s JSSLoader
TechNadu – Jan 05 2021 09:18
Researchers dive deeper into how FIN7’s JSSLoader actually works as the RAT continually evolves. While malware toolsets are a moving target, methods, tactics, and oftentimes infrastructure remain unchanged. Closely monitoring the activities of hacking…

Vulnerabilities
CVEnew – CVE-2020-27842 There’s a flaw in openjpeg’s t2 encoder in versions prior to 2.4.0. An attacker who is able to provi… https://t.co/SF5vU36Jpg
CVEnew – Twitter – Jan 05 2021 18:45
CVE-2020-27842 There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0. An attacker who is able to provide crafted input to be processed by openjpeg could cause a null pointer dereference. The highest impact of this flaw is to application…

CVEnew – CVE-2020-27843 A flaw was found in OpenJPEG in versions prior to 2.4.0. This flaw allows an attacker to provide spe… https://t.co/f6QjUKYB6B
CVEnew – Twitter – Jan 05 2021 18:45
CVE-2020-27843 A flaw was found in OpenJPEG in versions prior to 2.4.0. This flaw allows an attacker to provide specially crafted input to the conversion or encoding functionality, causing an out-of-bounds read. The highest threat from this…

CVEnew – CVE-2020-27844 A flaw was found in openjpeg’s src/lib/openjp2/t2.c in versions prior to 2.4.0. This flaw allows an… https://t.co/gUoD73f2OQ
CVEnew – Twitter – Jan 05 2021 18:45
CVE-2020-27844 A flaw was found in openjpeg's src/lib/openjp2/t2.c in versions prior to 2.4.0. This flaw allows an attacker to provide crafted input to openjpeg during conversion and encoding, causing an out-of-bounds write. The highest threat from…

CVEnew – CVE-2020-27845 There’s a flaw in src/lib/openjp2/pi.c of openjpeg in versions prior to 2.4.0. If an attacker is abl… https://t.co/3danTr2i6d
CVEnew – Twitter – Jan 05 2021 18:45
CVE-2020-27845 There's a flaw in src/lib/openjp2/pi.c of openjpeg in versions prior to 2.4.0. If an attacker is able to provide untrusted input to openjpeg's conversion/encoding functionality, they could cause an out-of-bounds read. The highest…

Ongoing Campaigns
Supply Chain Issues Don’t Seem to Go Away
Cyware – Jan 05 2021 19:24
The SunBurst campaign has left the world in shock. A nation-state actor intruded into a huge number of firms, including several U.S. government agencies. However, more supply chain issues have come to the forefront that we cannot neglect. What’s…

North Korean software supply chain attack targets stock investors
BleepingComputer.com – Jan 05 2021 16:55
North Korean hacking group Thallium aka APT37 has been targeting a private stock investment messenger service in a supply chain attack, as reported this week. […]

Citrix Releases Updates to Prevent DDoS Attacks Abusing Its Appliances
Security Week – Jan 05 2021 16:06
Citrix on Monday informed customers that it released firmware updates for its Application Delivery Controller (ADC) and Gateway products to prevent threat actors from abusing the appliances to launch and amplify distributed denial-of-service (DDoS)…

InfoSecHotSpot – Major Gaming Companies Hit with Ransomware Linked to APT27 Researchers say a recent attack targeting videogaming de… https://t.co/YtsBgp2flY
InfoSecHotSpot – Twitter – Jan 05 2021 19:28
Major Gaming Companies Hit with Ransomware Linked to APT27 Researchers say a recent attack targeting videogaming developers has 'strong links' to the infamous APT27 threat group. https://bit.ly/2JLnHgn…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
