11 June 2021

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
Gelsemium Malware 6 25
Sodinokibi Ransomware 20 91
Ryuk Ransomware 8 21
APT41 4 5
APT29 8 11
PuzzleMaker 5 35
AgentTesla Keylogger 4 8
SystemBC Malware 2 3
LokiBot Trojan 2 3
Evil Corp 2 16

Data Breaches

GitHub Starts Scanning for Exposed Package Registry Credentials hxxps://www[.]securityweek[.]com/github-starts-scanning-exposed-package-registry-credentials
SecurityWeek – Twitter – Jun 11 2021 02:00

GitHub Starts Scanning for Exposed Package Registry Credentials
Security Week – Jun 10 2021 13:52
GitHub this week announced that it has started scanning code hosted on its platform for package registry credentials, including RubyGems and PyPI secrets. The scanning is performed via GitHub secret scanning, a service meant to identify exposed…

Query Store Hints in Azure SQL Database | Data Exposed
TechNet Blogs – Jun 10 2021 16:00
In this episode of Data Exposed, Joe Sack, Principal Group Program Manager of SQL Server engine and SQL Hybrid, and Anna Hoffman, Data & Applied Scientist, talk about a new way in Azure SQL Database to optimize the performance of queries when…

Uttarakhand, India Special Task Force Exposed a China Based Money Laundering Racket
E Hacking News – Jun 10 2021 08:18
The Police of Uttarakhand, India claimed that the web racket has duped naïve investors with at least 250cr Rs by guaranteeing to almost double their money in just 15 days but rather by turning it out in the cryptocurrency. Pawan Kumar Pandey was…

Hacker Groups

What is an Advanced Persistent Threat?
Techfunnel – RSS – Jun 10 2021 13:30
An advanced persistent threat is a type of attack wherein a hacker or any unauthorized user forcefully accesses a system or a network for a considerable time and it stays there without anyone noticing it. Advanced Persistent Threats (APT)…

Adversary: Remix Kitten – Threat Actor | Crowdstrike Adversary Universe
Reddit – BlueTeamSec – RSS – Jun 10 2021 18:04
submitted by /u/GuerrillaTom

Evil Corp Rebranded its Ransomware Operation Again
Cyware – Jun 10 2021 20:28
A new malware has been discovered, posing as PayloadBIN, which is actually a rebranded ransomware used by the Evil Corp group. It is used by the group to bypass sanctions imposed by the Department of Treasury’s Office of Foreign Assets Control…

PuzzleMaker attacks exploit Windows zero-day, Chrome vulnerabilities
Lifeboat News The Blog – Jun 11 2021 00:22

Malware

Malware Analysis: Agent Tesla Part 2/2 Final Payload Analysis
Reverse Engineering – Jun 10 2021 11:29
submitted by /u/askasmani

RT @thinkpoison: Ryuk, Sodinokibi/REvil, Netwalker, Egregor, Maze, Darkside, Avaddon, etc – none of these ever broke into someone’s network. Malware or service-centric defense is a dead end for ransomware – think about the web of intrusion ops that underlie them all (also, rip to my dead homies)
thegrugq – Twitter – Jun 11 2021 04:04

New Ransomware Group Claiming Connection to REvil Gang Surfaces
Dark Reading – All Stories – Jun 10 2021 22:30
'Prometheus' is the latest example of how the ransomware-as-a-service model is letting new gangs scale up operations quickly.

Check Point Software's May 2021 Most Wanted Malware: Dridex Drops from List While Trickbot Rises to Top
Check Point Blog – Jun 10 2021 11:00
Check Point Research (CPR) reports that the Dridex trojan, which is often used in the initial stages of ransomware attacks, has now dropped from the index after being one of the most prevalent malwares in recent months CPR latest Global Threat…

Vulnerabilities

Attackers Leverage SonicWall VPN Flaw to Compromise SRA Appliances
Security Week – Jun 10 2021 23:07
Malicious hackers are exploiting an old VPN security flaw to compromise SonicWall SRC (secure remote access) devices, according to a warning from security vendor CrowdStrike. The vulnerability in question, tracked as CVE-2019-7481, was originally…

Security flaws found in Samsung’s stock mobile apps | TechCrunch hxxps://techcrunch[.]com/2021/06/10/security-flaws-found-in-samsungs-stock-mobile-apps/
Secnewsbytes – Twitter – Jun 11 2021 05:54

Re: Xen Security Advisory 375 v3 (CVE-2021-0089,CVE-2021-26313) – Speculative Code Store Bypass
Open Source Security – Jun 10 2021 12:01
Posted by Andrew Cooper on Jun 10: Ah – the link changed, and I thought I'd fixed it. Clearly not. Thanks – I'll issue a correction to the XSA. ~Andrew

Flaws in Rockwell Software Impact Products From Schneider Electric, GE and Others hxxps://www[.]securityweek[.]com/flaws-rockwell-software-impact-products-schneider-electric-ge-and-others #ICS
SecurityWeek – Twitter – Jun 10 2021 15:02

Ongoing Campaigns

Scams and Phishing Attacks Witness Explosion
Cyware – Jun 10 2021 20:28
Attackers have now increased their X-rated phishing lures in Business Email Compromise (BEC) attacks. A recent report by a security firm discovered a remarkable 974% spike in social-engineering scams using suggestive materials, normally aimed at…

Windows 10 Targeted by PuzzleMaker Hackers With Zero-Day Attacks hxxps://heimdalsecurity[.]com/blog/windows-10-targeted-by-puzzlemaker-hackers/
Secnewsbytes – Twitter – Jun 10 2021 07:52

ALPACA: New TLS Attack Allows User Data Extraction, Code Execution
Security Week – Jun 10 2021 11:52
Researchers from three universities in Germany have identified a new TLS attack method that can allow a man-in-the-middle (MitM) attacker to extract user data or execute arbitrary code. The new attack, dubbed ALPACA, has been described as an…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
