08 April 2021

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
Cring Ransomware 16 16
Hancitor 4 16
ServHelper Backdoor 3 4
APT-C-23 3 4
Maze Ransomware 4 5
Janeleiro 3 14
Yanbian Gang 2 2
Cuba Ransomware 2 11
LockBit Ransomware 2 2
DoppelPaymer Ransomware 2 3
Data Breaches
Office Depot Europe Exposed One Million Customer Records Online
TechNadu – Apr 07 2021 07:02
Just under a million European customer records of Office Depot were leaked online. The firm failed to properly secure a production server that exposed its network too. It is likely that a hacker had already found a way into the corporate network before…

Do you need to explain the importance of the Facebook data leak to a politician or a privacy regulator? Start by checking if they themselves were exposed and had their private phone number leaked. This makes the issue more concrete than speaking about gigabytes of leaked data
mikko – Twitter – Apr 07 2021 08:59

RT @mikko: Do you need to explain the importance of the Facebook data leak to a politician or a privacy regulator? Start by checking if they themselves were exposed and had their private phone number leaked. This makes the issue more concrete than speaking about gigabytes of leaked data
BrianHonan – Twitter – Apr 07 2021 09:14

Capital One notifies more clients of SSNs exposed in 2019 data breach
Seclists.org – Data Loss – Apr 07 2021 15:07
Posted by Destry Winant on Apr 07…
Hacker Groups
Yanbian Gang Malware Continues with Wide-Scale Distribution and C2
RiskIQ Blog – Apr 07 2021 15:00
Fake banking apps laced with malware continue to be an effective tool for threat actors. For the Yanbian Gang, a criminal group centered in Yanbian, China, that …

Sophos Uncovered Connection Between Mount Locker and Astro Locker Team
Tout sur la cybersociété, la cybersécurité, la cybercriminalité, la cyberdéfense, … – Apr 07 2021 17:07

APT27 in Vietnamese networks. Molerats go catphishing. EU cyberattacked. LinkedIn, Facebook data scraping. Android malware.
The CyberWire – Apr 07 2021 15:30
Kaspersky researchers describe a new and in their view sophisticated remote access Trojan being used in a Chinese cyberespionage campaign against Vietnamese military and other government targets. Threatpost reports that the malware used, “FoundCore,”…

Yanbian Gang Malware Continues with Wide-Scale Distribution and C2 hxxps://www[.]riskiq[.]com/blog/external-threat-management/yanbian-gang-malware-distribution/ @RiskIQ #malware hxxps://twitter[.]com/DMBisson/status/1379873620781117445/photo/1
DMBisson – Twitter – Apr 07 2021 19:08
Malware
Cring Ransomware Used in Attacks on European Industrial Firms
Dark Reading – All Stories – Apr 07 2021 20:07
Attackers exploited a vulnerability in Fortigate VPN servers to gain access to target networks, researchers report.

IcedID campaign spotted being spiced with Excel 4 Macros – replacing Emotet?
Reddit – Netsec – Apr 07 2021 13:21
submitted by /u/harroldhino

Ziggy Ransomware Gang Offers Victims Ransom Refunds
BankInfoSecurity – Apr 07 2021 15:11
Experts Question Whether the Offer Is…

A fun concern I’ve raised before with ransomware; security vendors tend to love it as it drives their profit margins up. My take? It’s a lit fuse for them. Ransomware groups are advancing at a pace to rival vendors, and may surpass them in terms of revenue and R&D.
GossiTheDog – Twitter – Apr 07 2021 18:18

Vulnerabilities
CVE-2021-1420 A vulnerability in certain web pages of Cisco Webex Meetings could allow an unauthenticated, remote attacker to modify a web page in the context of a user’s browser. The vulnerability is due to improper checks on parameter values in affect… hxxps://cve[.]mitre[.]org/cgi-bin/cvename.cgi?name=CVE-2021-1420
CVEnew – Twitter – Apr 08 2021 04:45

Details Disclosed for GitHub Pages Flaws That Earned Researchers $35,000 hxxps://www[.]securityweek[.]com/details-disclosed-github-pages-flaws-earned-researchers-35000
SecurityWeek – Twitter – Apr 07 2021 13:27

Android to Support Rust Programming Language to Prevent Memory Flaws
THN : The Hacker News – Apr 07 2021 15:28
Google on Tuesday announced that its open source version of the Android operating system will add support for Rust programming language in a bid to prevent memory safety bugs. To that end, the company has been building parts of the Android Open Source…

CVE-2021-1405 A vulnerability in the PDF parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is d… hxxps://cve[.]mitre[.]org/cgi-bin/cvename.cgi?name=CVE-2021-1405
CVEnew – Twitter – Apr 08 2021 05:45
Ongoing Campaigns
Cloud-native watering hole attack: Simple and potentially devastating
Help Net Security – News – Apr 08 2021 05:12
In this era of increasing technological complexity, watering hole attacks build on a model of simplicity. Just like predatory animals that hover near sources of water favored by their prey, attackers systematically infect websites likely to be…

How to Know If You Are Under DDoS Attack
Security Bloggers Network – Apr 07 2021 18:29

DDoS Extortion Attacks Get Stronger and More Persistent
Cyware – Apr 07 2021 20:28
Akamai has recently reported three large-scale DDoS attacks. These attacks count among the six biggest volumetric DDoS attacks the company has ever recorded. Two of these attacks were the largest ransom DDoS attacks and the most recent one peaked at…

Why E-Commerce Security Matters Now More Than Ever
Security Intelligence – Apr 07 2021 23:04
In February 2020, the world’s biggest retailer, Amazon, fended off the largest distributed denial of service (DDoS) attack in history. As peak traffic volume hit 2.3 Tbps, e-commerce security experts declared this attack as “a warning we should not…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
