12 April 2021

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
The Joker Malware 6 10
Stuxnet 4 6
Lazarus Group 4 16
Vyveva Backdoor 4 40
EMOTET Trojan 4 20
Strider Hack Group 1 2
Shiny Hunters 1 1
NanoCore RAT 1 1
Goblin Panda 1 11
Cring Ransomware 2 41
Data Breaches
Detecting Exposed Cobalt Strike DNS Redirectors
#infosec
hxxps://labs[.]f-secure[.]com/blog/detecting-exposed-cobalt-strike-dns-redirectors
rootsecdev – Twitter – Apr 12 2021 02:04

RT @rootsecdev: Detecting Exposed Cobalt Strike DNS Redirectors
#infosec
hxxps://labs[.]f-secure[.]com/blog/detecting-exposed-cobalt-strike-dns-redirectors
rootsecdev – Twitter – Apr 12 2021 05:17

Clubhouse data leak: 1.3 million scraped user records leaked online for free
MalwareTips.com – Apr 11 2021 13:01
So far, it seems like it’s been the worst week of the year for social media platforms in terms of data leaks, with Clubhouse seemingly joining the fray. Days after scraped data from more…

Clubhouse Data Leak 🕵️🖥️⏳📡 hxxps://twitter[.]com/CryptoInsane/status/1381256381890752516/photo/1
CryptoInsane – Twitter – Apr 11 2021 14:42

Hacker Groups
Vietnam successfully handles APT attacks
Sai Gon Giai Phong Online – Apr 12 2021 03:09
Most APT criminals are supported by a huge resource to carry out large-scaled attacks against economic and political organizations. At the beginning of this April, APT Cycldek planned to launch several-month-long attack to governmental bodies in…

hacktivism is back but Anonymous really isn’t
GreySec Forums – Apr 12 2021 04:11
It turns out hacktivism is back: hxxps://www[.]darkreading[.]com/the-state-of…id/1338382…

Malware
This is the most important lesson of Stuxnet: the option wasn’t Stuxnet vs. nothing., the option was a cyber attack vs. explosives.
ErrataRob – Twitter – Apr 12 2021 01:30

New REvil Ransomware Version Automatically Logs Windows into Safe Mode
E Hacking News – Apr 11 2021 09:03
The REvil Ransomware is unstoppable when it comes to ingenious hacking tactics and techniques. The well-known ransomware has escalated its attack vector once again, this time by changing the victim’s login password in order to reboot the computer…

NanoCore RAT – C&C Operator Chat
MalwareTips.com – Apr 11 2021 19:17

Vulnerabilities
What does the third zero-day flaw of 2021 tell us about the security of Chrome as a whole? 

@BernieBrode looks at the issues surrounding the safety of the web’s most used browser.

#cybersecurity #infosec
hxxps://www[.]tripwire[.]com/state-of-security/featured/digging-into-third-zero-day-chrome-flaw-2021/
TripwireInc – Twitter – Apr 11 2021 23:00

Mass scanning activity detected from 117.222.117.178 (🇮🇳) targeting F5 BIG-IP servers vulnerable to CVE-2020-5902 (hxxps://cve[.]mitre[.]org/cgi-bin/cvename.cgi?name=CVE-2020-5902). #threatintel hxxps://twitter[.]com/bad_packets/status/1381310796332888069/photo/1
bad_packets – Twitter – Apr 11 2021 18:18

#Cisco will not release updates to fix critical #RCE flaw in EoF Business Routers
hxxps://securityaffairs[.]co/wordpress/116598/security/rce-eof-cisco-business-routers.html
#securityaffairs #hacking
securityaffairs – Twitter – Apr 11 2021 08:53

#Cisco will not release updates to fix critical #RCE flaw in EoF Business Routers,,,
hxxps://securityaffairs[.]co/wordpress/116598/security/rce-eof-cisco-business-routers.html
#securityaffairs #hacking
securityaffairs – Twitter – Apr 11 2021 20:07

Ongoing Campaigns
Security Affairs newsletter Round 309
Security Affairs – Apr 11 2021 09:04
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box….

How Tripwire Can Help U.S. Federal Agencies Implement the CIS Controls
Security Bloggers Network – Apr 12 2021 03:00
Digital attackers are increasingly launching sophisticated campaigns in an effort to target U.S. federal agencies and other organizations. Two recent examples demonstrate this reality. These are the SolarWinds supply chain attack and the HAFNIUM…

Messaging / Smishing Attacks Cyber attackers can just as easily trick or fool you in messaging apps as they can in email. Be on the look-out for scams or attacks via apps such as Slack, Skype, WhatsApp or even simple text messaging. The most common cl… hxxps://bit[.]ly/3mBMcvF
InfoSecHotSpot – Twitter – Apr 12 2021 03:41

RT @two_minwarning: Hackers Exploit Unpatched VPNs to Install Ransomware on Industrial Targets Unpatched Fortinet VPN devices are being targeted in a series of attacks against industrial enterprises in Europe to deploy a new strain of ransomware called “Cring” inside corpor… hxxps://ift[.]tt/3msTKAR
kfalconspb – Twitter – Apr 11 2021 19:50

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.

 
