13 January 2021

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
Sunspot Malware 28 53
DarkSide Ransomware 16 31
BumbleBee Web Shell 6 11
Turla APT Group 6 19
Turla Malware 5 6
OSAMiner 5 6
Kazuar Backdoor Trojan 6 44
Turla Spyware 4 18
StellarParticle 3 3
The Shadow Brokers 3 3

Data Breaches

Vulnerable Database Exposed UN Employees’ Data
BankInfoSecurity – Jan 12 2021 16:11
Researchers Identified Flaw in GitHub Repository for UN…

United Nations Security Flaw Exposed 100K Staff Records
Dark Reading – Jan 12 2021 21:55
Security researchers have disclosed a vulnerability they exploited to access more than 100,000 private employee records.

Instagram, Facebook and LinkedIn accounts exposed by Chinese Data-Scrapers
IT Security Guru – Jan 12 2021 11:04
Around 318 million social media account records, from platforms such as Instagram, Facebook and LinkedIn have been leaked online after SocialArks experienced a cloud misconfiguration. Over 400GB of private and public data from 214 million social-media…

Securityblog – Social media accounts exposed by Data-Scrapers – IT Security Guru https://t.co/vwAWNFCEYC
Securityblog – Twitter – Jan 12 2021 11:07
Social media accounts exposed by Data-Scrapers – IT Security Guru https://www.itsecurityguru.org/2021/01/12/instagram-facebook-and-linkedin-accounts-exposed-by-chinese-data-scrapers/

Hacker Groups

What is Chuckling Squad? Jason Derulo’s Twitter hacked by group that hit Jack Dorsey and Mariah Carey’s accounts
MEAWW – Jan 13 2021 03:24
Jason Derulo happens to be the latest victim of the notorious group of Twitter hackers who go by the name ‘Chuckling Squad’. Their high-profile list of cybersecurity breaches includes Twitter CEO Jack Dorsey, singer Mariah Carey and actor Adam…

TeamTNT Botnet Further Evolves with Environment Setup Capabilities
Cyware – Jan 12 2021 19:24
Active since April, the TeamTNT botnet is typically a cryptojacking operation, known for downloading the XMRig cryptomining tool to mine Monero. However, in the recent variants, its scripts have been enhanced to perform additional functionalities…

x0rz – Is this the ShadowBrokers all over again? This is going to be interesting 🤔
x0rz – Twitter – Jan 12 2021 20:38
Is this the ShadowBrokers all over again? This is going to be interesting 🤔

Malware

Sunspot, the third malware involved in the SolarWinds supply chain attack
Security Affairs – Jan 12 2021 11:41
Cybersecurity firm CrowdStrike announced to have discovered a third malware strain, named Sunspot, directly involved in the SolarWinds supply chain attack. According to a new report published by the cybersecurity firm Crowdstrike,…

DarkSide ransomware decryptor recovers victims’ files for free
DataBreaches.net – Jan 12 2021 12:54
Sergiu Gatlan reports: Romanian cybersecurity firm Bitdefender has released a free decryptor for the DarkSide ransomware to allow victims to recover their files without paying a ransom. DarkSide is a human-operated ransomware that has already earned…

EduardKovacs – CrowdStrike shares an analysis of Sunspot, a piece of malware that was used by hackers to insert the Sunburst backd… https://t.co/ekvKl2XG5I
EduardKovacs – Twitter – Jan 12 2021 13:33
CrowdStrike shares an analysis of Sunspot, a piece of malware that was used by hackers to insert the Sunburst backdoor into SolarWinds’ Orion product in the recent supply chain attack….

EduardKovacs – Bitdefender has released a free decryptor for DarkSide, a piece of ransomware that allegedly helped cybercriminals… https://t.co/d8HeLRhKCM
EduardKovacs – Twitter – Jan 12 2021 09:19
Bitdefender has released a free decryptor for DarkSide, a piece of ransomware that allegedly helped cybercriminals make millions from targeted companies….

Vulnerabilities

CVEnew – CVE-2021-1638 Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-1683, CVE… https://t.co/IvZMVr9eOI
CVEnew – Twitter – Jan 12 2021 20:45
CVE-2021-1638 Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-1683, CVE-2021-1684. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1638

CVEnew – CVE-2021-1684 Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-1638, CVE… https://t.co/QxjKfvKEQu
CVEnew – Twitter – Jan 12 2021 20:46
CVE-2021-1684 Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-1638, CVE-2021-1683. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1684

CVEnew – CVE-2021-1683 Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-1638, CVE… https://t.co/ZDCGKcproj
CVEnew – Twitter – Jan 12 2021 20:46
CVE-2021-1683 Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-1638, CVE-2021-1684. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1683

CVEnew – CVE-2021-1641 Microsoft SharePoint Spoofing Vulnerability This CVE ID is unique from CVE-2021-1717. https://t.co/gMFvdkm6Uo
CVEnew – Twitter – Jan 12 2021 20:45
CVE-2021-1641 Microsoft SharePoint Spoofing Vulnerability This CVE ID is unique from CVE-2021-1717. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1641

Ongoing Campaigns

Researchers Caught a North Korean Group Trying Out a New Hiding Trick
Cyware – Jan 12 2021 19:24
Recently, North Korean hacker group APT37 (aka ScarCruft) has applied an alternative method to target victims in South Korea via self-decoding VBA Office files for the first time. According to Malwarebytes, the group has switched to this technique to…

Preventing and Responding to Supply Chain Attacks with Effective Segmentation
GuardiCore Blog – Jan 12 2021 23:43
The recent SolarWinds incident is a stark reminder that we all should re-evaluate the blind trust we put into third-party…

Ryuk: This Criminal Enterprise has Earned Millions in Ransom
Cyware – Jan 12 2021 19:24
Ryuk, a well-known ransomware family, has achieved a milestone by collecting more than $150 million in ransom. In a joint report, a threat intel company and cybersecurity firm tracked payments to 61 Bitcoin wallet addresses that were previously…

virusbtn – Kaspersky researchers found code overlap between the Sunburst malware used in the SolarWinds supply chain attack an… https://t.co/oWjJt0dPP9
virusbtn – Twitter – Jan 12 2021 13:54
Kaspersky researchers found code overlap between the Sunburst malware used in the SolarWinds supply chain attack and a backdoor known as Kazuar, linked to the Turla APT group https://securelist.com/sunburst-backdoor-kazuar/99981/…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
