09 June 2021

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
Nefilim Ransomware 11 13
Siloscape 10 37
Ragnar Locker 7 9
WatchDog Cryptominer 4 4
PhantomNet 4 4
Dyreza Trojan 4 4
Mail-O Malware 4 4
Evil Corp 5 14
TeamTNT 6 17
PayloadBIN Ransomware 4 17
Data Breaches
Organizations leveraging Microsoft Teams exposed to potential riskHelp Net Security – News – Jun 09 2021 04:30A survey conducted by Exec Survey and iGov Survey, reveals how over 200 unique organizations in the U.K. enabled seamless business continuity amid rapid societal change, where they face security challenges today, and what policies and procedures…
Unauthorized access accounts for 43% of all breaches globally hxxp://twib[.]in/l/eGMyyArGLrKa hxxps://twitter[.]com/InfoSecHotSpot/status/1402197787970879492/photo/1InfoSecHotSpot – Twitter – Jun 08 2021 09:36Unauthorized access accounts for 43% of all breaches globally hxxp://twib[.]in/l/eGMyyArGLrKa hxxps://twitter[.]com/InfoSecHotSpot/status/1402197787970879492/photo/1
Just do the maths: about 4.7B people use the internet. They reuse passwords like crazy not just across the services each individual uses, but different people use the same passwords. Then, only a small portion of all the services out there have been breached.troyhunt – Twitter – Jun 08 2021 20:14Just do the maths: about 4.7B people use the internet. They reuse passwords like crazy not just across the services each individual uses, but different people use the same passwords. Then, only a small portion of all the services out there have been…
8.4 BILLION #passwords exposed online — one of the largest collections of all time. 👀

Prepare your defenses for credential stuffing attacks now 👉 hxxps://www[.]imperva[.]com/learn/application-security/credential-stuffing/?utm_source=twitter&utm_medium=organic-socialImperva – Twitter – Jun 08 2021 13:168.4 BILLION #passwords exposed online — one of the largest collections of all time. 👀

Prepare your defenses for credential stuffing attacks now 👉…

Hacker Groups
TeamTNT Attempting to Reign on Cloud-based PlatformsCyware – Jun 08 2021 20:29TeamTNT has been actively improving on its specialization of targeting cloud-based infrastructure for several months to mine cryptocurrency. Recently, it has upgraded its arsenal to target the credentials of multiple cloud-native applications, some…
‘Expect Us’: Hacker Group Anonymous Targets Elon MuskIndiatimes – Jun 08 2021 08:00Hacker group Anonymous has released a video targetting Tesla CEO Elon Musk. In the video released on Youtube on June 4, Anonymous, responsible for some of the major cyber-attacks has criticised Musk's hold on the cryptocurrency market.
Elon Musk allegedly threatened by ‘Anonymous’ hacker collectiveCape Town Etc – Jun 08 2021 16:40“Greeting Citizens of the World. This is a message from Anonymous, for Elon Musk.” Fairly recently, a video that seems like something out of a Sci-Fi film or Mr. Robot episode, went viral. The 3 minute 48 second video claiming to be posted by hacker…
The US Recovers $2.3M From DarkSide Hacker AttackInvesting.com – Jun 08 2021 10:37The US reclaims $2.3 million from a ransomware attack made three weeks ago. DarkSide cybercrime group is responsible for the attack. The US government will give cybercrime a headstrong battle. US task force reclaims $2.3 million from a ransomware…
Malware
A deep dive into Nefilim, a ransomware group with an eye for $1bn+ revenue companiesZDNet Security – Jun 08 2021 12:00The group is one of many that employ two separate methods to blackmail victims.
3 things you might not know about modern ransomware and how Nefilim makes money hxxp://twib[.]in/l/59nXGaa4kG9GInfoSecHotSpot – Twitter – Jun 08 2021 16:203 things you might not know about modern ransomware and how Nefilim makes money hxxp://twib[.]in/l/59nXGaa4kG9G
‘Siloscape’ Is the First Known Malware to Target Windows ContainersTechNadu – Jun 08 2021 09:18A novel cloud malware called ‘Siloscape’ is the first one to be targeting Windows containers. The particular malware opens a backdoor to a set of malicious possibilities, including cryptojacking and data exfiltration. The obfuscation in the code and…
Vulnerabilities
CVE-2021-3564 A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system. This flaw affects all t… hxxps://cve[.]mitre[.]org/cgi-bin/cvename.cgi?name=CVE-2021-3564CVEnew – Twitter – Jun 08 2021 12:45CVE-2021-3564 A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system. This flaw affects…
CVE-2021-31950 Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-31948, CVE-2021-31964. hxxps://cve[.]mitre[.]org/cgi-bin/cvename.cgi?name=CVE-2021-31950CVEnew – Twitter – Jun 08 2021 23:45CVE-2021-31950 Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-31948, CVE-2021-31964. hxxps://cve[.]mitre[.]org/cgi-bin/cvename.cgi?name=CVE-2021-31950
CVE-2021-31964 Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-31948, CVE-2021-31950. hxxps://cve[.]mitre[.]org/cgi-bin/cvename.cgi?name=CVE-2021-31964CVEnew – Twitter – Jun 08 2021 23:45CVE-2021-31964 Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-31948, CVE-2021-31950. hxxps://cve[.]mitre[.]org/cgi-bin/cvename.cgi?name=CVE-2021-31964
CVE-2021-31948 Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-31950, CVE-2021-31964. hxxps://cve[.]mitre[.]org/cgi-bin/cvename.cgi?name=CVE-2021-31948CVEnew – Twitter – Jun 08 2021 23:45CVE-2021-31948 Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-31950, CVE-2021-31964. hxxps://cve[.]mitre[.]org/cgi-bin/cvename.cgi?name=CVE-2021-31948
Ongoing Campaigns
Russian Hackers Use New ‘SkinnyBoy’ Malware in Attacks on Military, Government OrgsSeclists.org – Data Loss – Jun 08 2021 13:21Posted by Sophia Kingsbury on Jun 08…
From QBot…with REvil Ransomware: Initial Attack Exposure of JBSDataBreaches.net – Jun 08 2021 12:32Vitali Kremez & Yelisey Boguslavskiy write: During the first week of June 2021, two major corporations were attacked by a ransomware group. JBS, the largest meat producer in the world, was hit on May 30, with the attack targeting the North…
Cyberattacks on Transportation and Logistics System Witness a SurgeCyware – Jun 08 2021 20:29Organizations in the transportation and logistics sector have more recently become a favorite target among cybercriminals. The past few months saw several cyberattacks seeking the disruption of these companies. A disclosure by the New York’s…
Modern Ransomware’s Double Extortion Tactics and How to Protect Enterprises Against Them 6/8/21 7:00 AMTrend Micro – Jun 08 2021 13:11Ransomware actors have been a persistent threat for years, but they are still evolving. The wide adoption of advanced cybersecurity technologies and improved ransomware response processes has limited the success of traditional ransomware attacks….

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.

Silobreaker Daily Cyber Alert

Sign up for the latest news on data breaches, hacker groups, malware and vulnerabilities.

Silobreaker
This website uses cookies.
See our privacy policy at www.silobreaker.com/legal