11 March 2021

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
BADHATCH Malware 13 13
APT39 13 13
APT35 13 14
FIN8 11 11
APT32 13 13
Winnti Group 6 6
z0miner 5 11
APT27 5 9
Clast82 5 15
Ryuk Ransomware 11 27

Data Breaches

iPhone app exposed other people’s call recordings
Malwarebytes Unpacked – Mar 10 2021 23:02
Video and audio are huge privacy concerns for people. If something goes wrong with tech it can have major ramifications. You’re likely very familiar with warnings about …

Exposed Password Gave Hackers Access to 150,000 Cameras
Infosecurity – Latest News – Mar 10 2021 10:35
Hacktivists claim to have successfully targeted a leading manufacturer of surveillance cameras, enabling them to access the live feeds of 150,000 cameras around the world, according to a new…

‘Automatic Call Recorder’ App Exposed Thousands of Conversation Clips
TechNadu – Mar 10 2021 12:18
Users of the “Automatic Call Recorder” app have had their private calls exposed via an unprotected AWS bucket. The exposure time was at least 10 days, so it is unlikely that hackers haven’t scraped the 300 GB of accessible data. The database has been…

Exposed Password Gave Hackers Access to 150,000 Cameras hxxps://www[.]infosecurity-magazine[.]com/news/exposed-passwor-hackers-access?utm_source=twitterfeed&utm_medium=twitter
InfosecurityMag – Twitter – Mar 10 2021 10:35

Hacker Groups

Hafnium hack poses extended threat
DefenseSystems Online – All Articles and Blogs – Mar 10 2021 16:53
IT teams have a long road ahead of them as they work to find and root out all vestiges of the Hafnium hack in their Microsoft Exchange systems.

TeamTNT Targets AWS Instances
IBM X-Force Exchange – Advisory Tag – RSS – Mar 10 2021 16:03
Summary: TeamTNT is known to attack cloud services with intent to steal credentials, perform cryptojacking, or install backdoors. Trend Micro reports on a specific script used by the group to steal AWS credentials.
Threat Type: Malware
Overview: Trend Micro…

Hafnium hack poses extended threat IT teams have a long road ahead of them as they work to find and root out all vestiges of the Hafnium hack in their Microsoft Exchange systems. hxxps://bit[.]ly/3cfgXSo hxxps://twitter[.]com/InfoSecHotSpot/status/1369629429207625730/photo/1
InfoSecHotSpot – Twitter – Mar 10 2021 12:41

Global Advanced Persistent Threat Protection Market Forecast up to 2024
TheTechnologyMarket.com – Mar 10 2021 08:07
Drivers, Restraints, Opportunities, Trends, and Forecast up to 2024. Overview: The cybersecurity industry is among the fastest growing industries, which provide tremendous economic opportunities but face continuous evolving cyber terrorism and data…

Malware

REvil ransomware gang claims over $100 million profit in a year
DDoS Attacks – Mar 10 2021 18:26
REvil ransomware developers say that they made more than $100 million in one year by extorting large businesses across the world from various sectors. They are driven by profit and want to make $2 billion from their ransomware service,…

GandCrab Ransomware Affiliate Member Was Arrested For Phishing Attacks
Heimdal Security Blog – Mar 10 2021 15:48
GandCrab malware is spread via an executable binary file which is returned after GandCrab is running on the local machine as a file called “bhxsew[.]exe”. During the process, the ransomware will try to collect and determine the external IP…

Signed BitRAT samples recently 📈 from 0… 🤔
malwrhunterteam – Twitter – Mar 10 2021 11:35

Vulnerabilities

A critical pre-auth RCE flaw (CVE-2021-22986) has been discovered in the F5’s Big-IP and BIG-IQ #software — Patch ASAP!
Read details: hxxps://thehackernews[.]com/2021/03/critical-pre-auth-rce-flaw-found-in-f5.html
Besides this, a few other newly reported flaws also result in a denial of service (DoS) attack.
#infosec #cybersecurity
TheHackersNews – Twitter – Mar 11 2021 06:05

A critical pre-auth RCE flaw (CVE-2021-22986) has been discovered in the F5’s Big-IP and BIG-IQ #software — Patch ASAP!
Read details: hxxps://thehackernews[.]com/2021/03/critical-pre-auth-rce-flaw-found-in-f5.html?utm_source=social_share
Besides this, a few other newly reported flaws also result in a denial of service (DoS) attack.
#infosec #cybersecurity
unix_root – Twitter – Mar 11 2021 06:35

RT @TheHackersNews: A critical pre-auth RCE flaw (CVE-2021-22986) has been discovered in the F5’s Big-IP and BIG-IQ #software — Patch ASAP!
Read details: hxxps://thehackernews[.]com/2021/03/critical-pre-auth-rce-flaw-found-in-f5.html
Besides this, a few other newly reported flaws also result in a denial of service (DoS) attack.
#infosec #cybersecurity
CERT_at – Twitter – Mar 11 2021 06:41

Regarding CVE-2021-24078 (new DNS vulnerability), not SIGred – I think this will have a similar journey, I don’t expect a quick turnaround to RCE.
GossiTheDog – Twitter – Mar 10 2021 14:15

Ongoing Campaigns

Hiding Among Friends | How To Beat The New Breed of Supply Chain Attacks
SentinelOne – Mar 10 2021 18:31
If there’s any good to come out of the recent FireEye/SolarWinds breach, it may just be a…

10 groups now targeting Hafnium Microsoft Exchange vulnerabilities
SC Magazine US – Mar 10 2021 16:19
Ten different threat groups or otherwise unique clusters of breaches have used a chain of vulnerabilities Microsoft patched in Exchange Server. Security…

Hackers Waging ‘Living Off the Land’ Attacks on Azure
Data Breach Today – Mar 10 2021 18:07
Microsoft Shares Threat Detection and Mitigation Strategies. Microsoft is warning users of its Azure cloud platform that hackers are using several "living-off-the-land" attack techniques to evade security measures, escalate privileges and deploy…

GandCrab ransomware affiliate arrested for phishing attacks hxxps://www[.]bleepingcomputer[.]com/news/security/gandcrab-ransomware-affiliate-arrested-for-phishing-attacks/
Securityblog – Twitter – Mar 10 2021 14:26

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
