07 January 2021

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
ElectroRAT 17 51
VandaTheGod 9 18
Babuk Locker 7 26
Qarallax RAT 4 4
APT37 4 5
Pegasus Malware 5 5
LokiBot Trojan 3 3
JSSLoader RAT 3 9
Azazel Rootkit 2 2
Mustang Panda 2 2
Data Breaches
Secnewsbytes – RT @Secnewsbytes: Boris Johnson’s dithering over Covid-19 has left the UK fatally exposed – again https://t.co/6q7zwvcmqi
Secnewsbytes – Twitter – Jan 06 2021 09:49
RT @Secnewsbytes: Boris Johnson’s dithering over Covid-19 has left the UK fatally exposed – again https://www.newstatesman.com/politics/uk/2021/01/boris-johnson-s-dithering-over-covid-19-has-left-uk-fatally-exposed-again

Secnewsbytes – Netanyahu: Iran Aims to Build Nukes; HR Webinar – ‘Palestinians Exposed: Hate in the Classroom’ | HonestReporting https://t.co/9hwzFeHsMz
Secnewsbytes – Twitter – Jan 06 2021 09:42
Netanyahu: Iran Aims to Build Nukes; HR Webinar – 'Palestinians Exposed: Hate in the Classroom' | HonestReporting https://honestreporting.com/ibn-20200501-iran-nuclear-program-unrwa-abraham-accords-tesla/

Securityblog – RT @KitPloit: Urlhunter – A Recon Tool That Allows Searching On URLs That Are Exposed Via Shortener Services https://t.co/fK2uoBea3Y #Intel…
Securityblog – Twitter – Jan 06 2021 14:56
RT @KitPloit: Urlhunter – A Recon Tool That Allows Searching On URLs That Are Exposed Via Shortener Services https://j.mp/2XcsT02 #Intelligence https://twitter.com/KitPloit/status/1346802541116469248/photo/1

nicoleperlroth – Disappointing falsehoods from @ZDNet @campuscodi . Correct your story. Nowhere did we say JetBrains was used to bre… https://t.co/fuBOTuIc81
nicoleperlroth – Twitter – Jan 07 2021 02:42
Disappointing falsehoods from @ZDNet @campuscodi . Correct your story. Nowhere did we say JetBrains was used to breach SolarWinds, only that it is a customer, and is being investigated in larger breach. (Fwiw you also mischaracterize WSJ)….

Hacker Groups
Metacurity – RT @780thC: Report on Russian Cyber Units (Congressional Research Service): https://t.co/lb0MJH6r9N | Collectively, these units are sometim…
Metacurity – Twitter – Jan 06 2021 12:08
RT @780thC: Report on Russian Cyber Units (Congressional Research Service): https://beta.documentcloud.org/documents/20441144-russian-cyber-units-jan-4-2021 | Collectively, these units are sometimes referred to as APT (Advanced Persistent Threat) 28,…

Emissary Panda Ransomware Targets Israeli Gaming Company
Minerva Labs – Blog – RSS – Jan 06 2021 13:58

PaloAltoNtwks – SolarStorm variants and imitators are on the way. We’ve been working tirelessly to help ensure that Cortex XDR cont… https://t.co/w5hKFnZnqL
PaloAltoNtwks – Twitter – Jan 06 2021 19:22
SolarStorm variants and imitators are on the way. We’ve been working tirelessly to help ensure that Cortex XDR continues to protect our customers against advanced threats such as the SolarStorm group. https://bit.ly/357O9YY…

Researchers Disclose Details of FIN7 Hacking Group’s Malware
CyberSecurityBoard.com – RSS – Jan 06 2021 06:47
Researchers at Morphisec Labs have published fresh details about a malware variant called JSSLoader that the FIN7 hacking group has used for several years. …

Malware
Babuk Locker is the first new enterprise ransomware of 2021
MalwareTips.com – Jan 06 2021 20:42
It's a new year, and with it comes a new ransomware called Babuk Locker that targets corporate victims in human-operated attacks. Babuk Locker is a new ransomware operation that launched…

InfoSecHotSpot – ElectroRAT malware used in extensive operation to extract funds from cryptocurrency wallets Cybercriminals employed… https://t.co/rZfpVLeJit
InfoSecHotSpot – Twitter – Jan 06 2021 13:28
ElectroRAT malware used in extensive operation to extract funds from cryptocurrency wallets Cybercriminals employed three fake cryptocurrency-related apps to trick users into downloading the malware on their systems https://bit.ly/3bcXUsQ…

ZDNet – Hackers target cryptocurrency users with new ElectroRAT malware https://t.co/ihPPr0mwlT
ZDNet – Twitter – Jan 06 2021 07:00
Hackers target cryptocurrency users with new ElectroRAT malware…

ZDNet – Hackers target cryptocurrency users with new ElectroRAT malware https://t.co/miub8QsDln
ZDNet – Twitter – Jan 06 2021 11:15
Hackers target cryptocurrency users with new ElectroRAT malware…

Vulnerabilities
securityaffairs – Recently disclosed CVE-2020-29583 #Zyxel flaw already under opportunistic attack https://t.co/bjd3M5mSYk #securityaffairs #hacking
securityaffairs – Twitter – Jan 06 2021 12:18
Recently disclosed CVE-2020-29583 #Zyxel flaw already under opportunistic attack #securityaffairs #hacking

cybersecboardrm – Recently disclosed CVE-2020-29583 Zyxel flaw already under opportunistic attack #Cybersecurity #security https://t.co/ITqcGheAtT
cybersecboardrm – Twitter – Jan 07 2021 03:57
Recently disclosed CVE-2020-29583 Zyxel flaw already under opportunistic attack #Cybersecurity #security…

securityaffairs – @GreyNoiseIO Recently disclosed CVE-2020-29583 #Zyxel flaw already under opportunistic attack… https://t.co/8IlTPU4Pb9
securityaffairs – Twitter – Jan 06 2021 12:17
@GreyNoiseIO Recently disclosed CVE-2020-29583 #Zyxel flaw already under opportunistic attack #securityaffairs #hacking

InfoSecHotSpot – Cybercriminals Ramp Up Exploits Against Serious Zyxel Flaw More than 100,000 Zyxel networking products could be vul… https://t.co/0Y3RnBAXJN
InfoSecHotSpot – Twitter – Jan 06 2021 23:28
Cybercriminals Ramp Up Exploits Against Serious Zyxel Flaw More than 100,000 Zyxel networking products could be vulnerable to a hardcoded credential vulnerability (CVE-2020-29583) potentially allowing cybercriminal device takeover….

Ongoing Campaigns
Software Supply Chain Attacks: From Formjacking to Third Party Code Changes
Imperva Data Security Blog – Jan 06 2021 17:45
2020 wasn’t the first year in which software supply chain attacks caused major damage, but it certainly brought them to the general public. Much has been said about the headline-grabbing nation state examples, but there is a wide spectrum of these…

‘Earth Wendigo’ Hackers Exfiltrate Emails Through JavaScript Backdoor
Security Week – Jan 06 2021 21:06
A newly identified malware attack campaign has been exfiltrating emails from targeted organizations using a JavaScript backdoor injected into a webmail system widely used in Taiwan. According to an , the attacks are linked to Earth Wendigo, a threat…

Hacker-for-Hire StrongPity APT Going Global with its New Infrastructure
Cyware – Jan 06 2021 19:24
StrongPity, an APT group active since at least 2012 and first publically reported in 2016, has mostly focused on countries like Italy and Belgium. However, it has now expanded its scope of attack across Northern Africa, Europe, Asia, and Canada as…

A Deep Dive into Lokibot Infection Chain
Cisco Blog Security – Jan 06 2021 14:06
News summary Lokibot is one of the most well-known information stealers on the malware landscape. In this post, we’ll provide a technical breakdown of one of the latest Lokibot campaigns. Talos also has a new script to unpack the dropper’s third…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
