16 January 2021

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user.

Heat – Trending Malware and Threat Actors

Name               Heat 1   Heat 7   Vol 1   Vol 7
APT41                                7       10
Winnti Trojan                        5       7
SoftCell                             3       3
Turla APT Group                      4       23
Winnti Group                         3       7
JokerStash                           2       2
Chimera APT                          2       7
APT35                                2       10
URSNIF                               2       7
Clop Ransomware                      2       5

Data Breaches

Co: Pitkin County COVID-19 case investigations inadvertently exposed online
Office of Inadequate Security – Jan 15 2021 13:55
PITKIN COUNTY, Colo., Jan. 14, 2021 /PRNewswire/ — Pitkin County learned of an incident that may affect the privacy of…

Amazon’s Ring Neighbors app exposed users’ precise locations and home addresses
DataBreaches.net – Jan 15 2021 13:58
Zack Whittaker reports: A security flaw in Ring’s Neighbors app was exposing the precise locations and home addresses of users who had posted to the app. Ring, the video doorbell and home security startup acquired by Amazon for $1 billion, launched…

Excellus to pay $5 million to settle charges stemming from breach that impacted 9.3 million
Office of Inadequate Security – Jan 15 2021 23:17
Excellus Health Plan, Inc. has agreed to pay $5.1 million to the Office for Civil Rights (OCR) at the U.S. Department of…

Experts Insight On Mimecast Breach
Information Security Buzz – Jan 15 2021 12:46
Cloud-based email management company Mimecast recently disclosed that a threat actor obtained one of its digital certificates and used it to gain access to some of its clients’ Microsoft 365…

Hacker Groups

Winnti APT continues to target game developers in Russia and abroad
TerabitWeb Blog – RSS – Jan 15 2021 14:13
Original Post from Security Affairs. Author: Pierluigi Paganini. A Chinese Threat actor targeted organizations in…

Experts Insight On APT35 Recent Phishing Attacks
Information Security Buzz – Jan 15 2021 12:14
It has been reported that the Iranian group APT35 (also known as Charming Kitten or Phosphorus) executed sophisticated spear-phishing campaigns that involved not only email attacks but also SMS messages…

FIN11 e-crime group shifted to CL0P ransomware and big game hunting
TerabitWeb Blog – RSS – Jan 16 2021 00:00
Original Post from SC Magazine. Author: Derek B. Johnson. The financially motivated FIN11, which increasingly…

anon_indonesia – The Anonymous Indonesia News Daily is out! https://t.co/CRizq6I9UG Stories via @AnonymousSwizz
anon_indonesia – Twitter – Jan 16 2021 03:14
The Anonymous Indonesia News Daily is out! https://paper.li/anon_indonesia/1435572762?edition_id=fbea2340-57a8-11eb-aed6-002590a5ba2d Stories via @AnonymousSwizz

Malware

The Week in Ransomware – January 15th 2021 – Locking you up
BleepingComputer.com – Jan 15 2021 22:37
It has been another quiet week for ransomware, though we did have some interesting stories come out this week. […]

Ransomware attacks now to blame for half of healthcare data breaches
ZDNet Security – Jan 15 2021 13:03
Almost half of data breaches at hospitals were because of ransomware attacks – and those attacks could've been prevented with timely patching.

Scotland environmental regulator hit by ‘ongoing’ ransomware attack
BleepingComputer.com – Jan 15 2021 16:22
The Scottish Environment Protection Agency confirmed on Thursday that some of its contact center, internal systems, processes and internal communications were affected following a ransomware attack that took place on Christmas Eve. […]

ZDNet – Ransomware attacks now to blame for half of healthcare data breaches https://t.co/fhKx5iu1qW
ZDNet – Twitter – Jan 15 2021 19:45
Ransomware attacks now to blame for half of healthcare data breaches…

Vulnerabilities

Microsoft Implements Windows Zerologon Flaw ‘Enforcement Mode’
Threatpost.com – Jan 15 2021 21:47
Starting Feb. 9, Microsoft will enable Domain Controller “enforcement mode” by default to address CVE-2020-1472.

InfoSecHotSpot – Microsoft Implements Windows Zerologon Flaw ‘Enforcement Mode’ Starting Feb. 9, Microsoft will enable Domain Contro… https://t.co/F69qLlGVGD
InfoSecHotSpot – Twitter – Jan 16 2021 00:28
Microsoft Implements Windows Zerologon Flaw ‘Enforcement Mode’ Starting Feb. 9, Microsoft will enable Domain Controller “enforcement mode” by default to address CVE-2020-1472. https://bit.ly/2LB3eff…

CVEnew – CVE-2020-24640 There is a vulnerability caused by insufficient input validation that allows for arbitrary command e… https://t.co/NrOrzRXTgQ
CVEnew – Twitter – Jan 15 2021 19:45
CVE-2020-24640 There is a vulnerability caused by insufficient input validation that allows for arbitrary command execution in a containerized environment within Airwave Glass before 1.3.3. Successful exploitation can lead to complete compromise of…

CVEnew – CVE-2020-24641 In Aruba AirWave Glass before 1.3.3, there is a Server-Side Request Forgery vulnerability through an… https://t.co/rZF8a1jmVH
CVEnew – Twitter – Jan 15 2021 19:45
CVE-2020-24641 In Aruba AirWave Glass before 1.3.3, there is a Server-Side Request Forgery vulnerability through an unauthenticated endpoint that if successfully exploited can result in disclosure of sensitive information. This can be used to perform…

Ongoing Campaigns

Trojans Roar Back to Prominence in 2021
Cyware – Jan 15 2021 19:24
The year 2021 has just set in and it’s pouring trojans! It is no surprise that cybercriminals reaped fortunes in 2020, seeking different ways to propagate malware threats, especially trojans, during the global pandemic. While the number of such…

Revealed: Sophisticated ‘Watering Hole’ Attack – But By Whom?
Security Bloggers Network – Jan 15 2021 19:05

What are Chinese APT Groups Up to?
Cyware – Jan 15 2021 20:28
Recently, a Chinese state-sponsored APT group targeted at least five online gambling firms. The adoption of ransomware tactics points to the fact that these APT groups are aiming for financial gains as these attacks don’t count as espionage targets…

XSS vulnerability affects government websites
IT Security Guru – Jan 15 2021 17:07
An undisclosed Cross-Site Scripting (XSS) vulnerability in Apache Velocity Tools can be exploited by unauthenticated attackers to target government sites, including NASA, BleepingComputer reported today. Although 90 days have elapsed since the…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
