11 February 2021

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
Loda RAT 10 15
BendyBear 10 26
HelloKitty Ransomware 7 13
Bitter APT 5 6
BlackTech APT 6 22
TA505 5 5
RansomExx Ransomware 4 6
BazarLoader 4 8
RedHack 3 3
Donot Team 3 3
Data Breaches

Software Dependencies Exposed Microsoft, Apple to High-Impact Attacks
SecurityWeek RSS Feed – Feb 10 2021 13:54
Security researcher Alex Birsan discovered a way to breach tens of organizations through software dependencies, and he earned tens of thousands of dollars in bug bounties from Microsoft, Apple and some of the other affected…

Software Dependencies Exposed Microsoft, Apple and Many Others to High-Impact Attacks hxxps://www[.]securityweek[.]com/software-dependencies-exposed-microsoft-apple-high-impact-attacks
SecurityWeek – Twitter – Feb 10 2021 13:55

Vulnerabilities in NextGEN Gallery Plugin Exposed Many WordPress Sites to Takeover hxxps://www[.]securityweek[.]com/vulnerabilities-nextgen-gallery-plugin-exposed-many-wordpress-sites-takeover
SecurityWeek – Twitter – Feb 10 2021 09:52

Vulnerabilities In NextGEN Gallery Plugin Exposed Many WordPress Sites To Takeover
SecurityPhresh – Feb 10 2021 09:47
Two severe vulnerabilities in the NextGEN Gallery WordPress plugin could have exposed more than 800,000 websites to complete takeover, WordPress security company Defiant reported on Monday.

Hacker Groups

I’m not sure this is still even a valid differentiation. As more nation states employ or “contract” out their deeds to criminals within their borders this distinction is more and more murky. Look at Li Xiaoyu aka “Oro0lxy”. Crim or PRC/MSS? What if both?
ChetWisniewski – Twitter – Feb 10 2021 20:33

Sprite Spider: Another Threat Actor to Be Aware of
Cyware – Feb 10 2021 19:24
Sprite Spider is not a new hacker group. However, it is making headlines once again. Why? Let us find out. The scoop: Two CrowdStrike researchers disclosed details about Sprite Spider at the recent SANS Cyber Threat Intelligence Summit. The threat…

How Retailers Should Address Magecart Web Skimming Attacks
Total Retail – RSS – Feb 10 2021 17:40
In my previous article about Magecart web skimming attacks, I recapped some of the noteworthy victims of this cybercriminal collective and how attackers managed to breach them. Today, security teams in retail are mostly aware of this threat, however,…

Indian cyber-spy ‘Confucius’ targets Pakistan, Kashmir: security report
Sydney Morning Herald – Feb 11 2021 06:36
Oakland, California: A hacking group with ties to the Indian military adopted a pair of mobile surveillance tools to spy on geopolitical targets in Pakistan and Kashmir amid persistent regional tensions between the nuclear-armed neighbours, according…

Malware

LodaRAT Malware Can Now Target Android Devices
BankInfoSecurity – Feb 10 2021 14:41
Trojan's Operators Also Updated Version Used to Target…

LodaRAT Windows malware now hunting Android devices
HackRead – Feb 10 2021 17:08
By Deeba Ahmed. Dubbed LodaRAT, the trojan was equipped with credential-stealing capabilities earlier, but now it is eyeing Android users.

LodaRAT Windows Malware Now Also Targets Android Devices
THN : The Hacker News – Feb 10 2021 12:18
A previously known Windows remote access Trojan (RAT) with credential-stealing capabilities has now expanded its scope to set its sights on users of Android devices to further the attacker's espionage motives. "The developers of LodaRAT have added…

What are the most clever ransomware techniques that you have seen?
MalwareTips.com – Feb 10 2021 09:01
In the interest of full disclosure, I only ask because I am not too familiar with all of the various ransomware techniques, I just started working with ransomware detection two weeks ago. Either…

Vulnerabilities

CVE-2020-27870 This vulnerability allows remote attackers to disclose sensitive information on affected installations of SolarWinds Orion Platform 2020.2.1. Authentication is required to exploit this vulnerability. The specific flaw exists within… hxxps://cve[.]mitre[.]org/cgi-bin/cvename.cgi?name=CVE-2020-27870
CVEnew – Twitter – Feb 10 2021 23:45

Analysis of CVE-2021-1722
Reddit – Netsec – Feb 10 2021 21:44
submitted by /u/Streetfight2

CVE-2020-27871 This vulnerability allows remote attackers to create arbitrary files on affected installations of SolarWinds Orion Platform 2020.2.1. Although authentication is required to exploit this vulnerability, the existing authentication mechanism… hxxps://cve[.]mitre[.]org/cgi-bin/cvename.cgi?name=CVE-2020-27871
CVEnew – Twitter – Feb 10 2021 23:45

Intel Squashes High-Severity Graphics Driver Flaws hxxps://threatpost[.]com/intel-graphics-driver-flaws/163810/
Dinosn – Twitter – Feb 10 2021 20:25

Ongoing Campaigns

10 SIM-swapping hackers nabbed for targeting US celebrities
HackRead – Feb 10 2021 14:52
The SIM-Swapping gang worked together and stole over USD 100 million in cryptocurrencies from thousands of victims. Europol has announced arresting 10 hackers involved in large scale SIM-swapping attacks targeting high-profile celebrities in the…

2021: A Good Year for Cerber, Bad for Healthcare Sector
Cyware – Feb 10 2021 20:28
It is often observed that old malware variants tend to resurface and are re-factored to include new tricks. However, at their core, they are still leveraging tried and true techniques. Years after its heyday, one such malware named Cerber has risen…

WINDOWS KERNEL ZERO-DAY EXPLOIT (CVE-2021-1732) IS USED BY BITTER APT IN TARGETED ATTACK
Reddit – Netsec – Feb 10 2021 20:31
submitted by /u/hviniciusg

Authorities arrest SIM swapping gang that targeted celebrities
ZDNet Security – Feb 10 2021 14:08
Eight men were arrested in England and Scotland as part of an investigation into a series of SIM swapping attacks targeting US celebrities.

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
