17 February 2021
This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.
Heat – Trending Malware and Threat Actors
| Name | Heat 1 | Heat 7 | Vol 1 | Vol 7 |
|---|---|---|---|---|
| Exaramel Backdoor |  |
 |
23 | 32 |
| Sandworm Team | |
|
14 | 28 |
| PAS Web Shell | |
 |
10 | 11 |
| Chuckling Squad | |
|
5 | 5 |
| Maze Ransomware |  |
 |
5 | 12 |
| Fenrir Ransomware | |
|
3 | 3 |
| Clop Ransomware | |
|
4 | 10 |
| Sekhmet Ransomware | |
|
3 | 3 |
| NotPetya Ransomware | |
|
4 | 9 |
| APT28 | |
|
3 | 6 |
Data Breaches
One sticker could have exposed your Telegram secret chatsHackRead – Feb 16 2021 15:52The flaw originated in the way the app handled animated stickers and how the Telegram secret chat functionality operated. Italian cybersecurity firm Shielder disclosed the now-patched flaw identified in the Telegram messaging app. The flaw could have…
124 Million Rows of Customer Data Exposed Through Leaky Adorcam DatabaseHOTforSecurity – Feb 16 2021 12:25…
A Sticker Sent On Telegram Could Have Exposed Your Secret ChatsMalwareTips.com – Feb 16 2021 08:31Cybersecurity researchers on Monday disclosed details of a now-patched flaw in the Telegram messaging app that could have exposed users' secret messages, photos, and videos to remote… Click to expand……
🚨 One sticker could have exposed photos, videos, and secret messages of #Telegram users.
Details: hxxps://www[.]hackread[.]com/sticker-exposed-telegram-secret-chats/
#Security #Privacy #Vulnerability #Encryption #Chat
HackRead – Twitter – Feb 16 2021 15:54🚨 One sticker could have exposed photos, videos, and secret messages of #Telegram users.Details: hxxps://www[.]hackread[.]com/sticker-exposed-telegram-secret-chats/
#Security #Privacy #Vulnerability #Encryption #Chat
Hacker Groups
The Chuckling Squad has targeted celebrities and other high profile social media users with SIM swapping attacks. hxxps://bit[.]ly/3u7cusPmotherboard – Twitter – Feb 16 2021 16:50The Chuckling Squad has targeted celebrities and other high profile social media users with SIM swapping attacks. hxxps://bit[.]ly/3u7cusP
The Chuckling Squad has targeted celebrities and other high-profile social media users with SIM swapping attacks.
hxxps://bit[.]ly/3rXWGa3VICE – Twitter – Feb 17 2021 04:00The Chuckling Squad has targeted celebrities and other high-profile social media users with SIM swapping attacks.
hxxps://bit[.]ly/3rXWGa3
hxxps://bit[.]ly/3rXWGa3VICE – Twitter – Feb 17 2021 04:00The Chuckling Squad has targeted celebrities and other high-profile social media users with SIM swapping attacks.
hxxps://bit[.]ly/3rXWGa3
Dark web operator JokerStash retires after making $2.9B in BTC: reportIQ Stock Market – Feb 16 2021 12:34Known only by his pseudonym JokerStash, he allegedly operated the world’s largest stolen credit cards marketplace. An analytics firm estimates he made at…
Sandworm in French software supply chain. DPRK hacked COVID vaccine providers? Iran’s Static Kitten active against UAE targets.The CyberWire – Feb 16 2021 16:26France's information security agency ANSSI said yesterday that they’d determined a Russian threat actor has been active against French targets from 2017 to 2020. ANSSI didn’t flatly say which group was responsible, but it did note, according to…
Malware
Egregor ransomware hit by arrestsMalwarebytes Unpacked – Feb 16 2021 17:15In a collaboration between French and Ukranian law enforcement, arrests have been made that might put a dent in one of the world’s most sophisticated ransomware operations. As reported first by …
– Egregor ransomware operators and other staff have been arrested and equipment has been seized. Egregor are behind many big ransomware incidents, and I understand police are working through to other groups, too.
hxxps://www[.]computerweekly[.]com/news/252496384/Egregor-ransomware-associates-arrested-amid-disruption
GossiTheDog – Twitter – Feb 17 2021 00:32– Egregor ransomware operators and other staff have been arrested and equipment has been seized. Egregor are behind many big ransomware incidents, and I understand police are working through to other groups,…Malware increased by 358% in 2020 A research study conducted by Deep Instinct reports on the hundreds of millions of attempted cyberattacks that occurred every day throughout 2020 showing malware increased by 358% overall and ransomware increased by 43… hxxps://bit[.]ly/2NeNxen hxxps://twitter[.]com/InfoSecHotSpot/status/1361928799991037952/photo/1InfoSecHotSpot – Twitter – Feb 17 2021 06:41Malware increased by 358% in 2020 A research study conducted by Deep Instinct reports on the hundreds of millions of attempted cyberattacks that occurred every day throughout 2020 showing malware increased by 358% overall and ransomware increased by…
Law firm Jones Day hit by Clop ransomware attack with files stolenSiliconANGLE – Feb 17 2021 02:56International law firm Jones Day has been targeted in a ransomware attack with those behind the cyberattack dumping stolen files on the internet. First reported by DataBreaches[.]net, the attack is believed to have involved the Clop ransomware gang,…
Vulnerabilities
Security teams struggling to stay ahead of vulnerabilities are stretched thinner and thinner. Risk-based vulnerability management offers a smarter approach by helping teams focus on flaws that pose the greatest immediate risk. More in this report: hxxps://bit[.]ly/3rSCAxQDarkReading – Twitter – Feb 16 2021 15:45Security teams struggling to stay ahead of vulnerabilities are stretched thinner and thinner. Risk-based vulnerability management offers a smarter approach by helping teams focus on flaws that pose the greatest immediate risk. More in this report:…
Unpatched ShareIT Android App Flaw Could Let Hackers Inject MalwareMalwareTips.com – Feb 16 2021 14:24Multiple unpatched vulnerabilities have been discovered in SHAREit, a popular app with over one…
Telegram flaw could have allowed access to users secret chatsSecurity Affairs – Feb 16 2021 22:11Experts at Shielder disclosed a flaw in the Telegram app that could have exposed users’ secret messages, photos, and videos to remote attackers. Researchers at cyber security firm …
@ShielderSec #Telegram flaw could have allowed access to users secret chats
hxxps://securityaffairs[.]co/wordpress/114653/hacking/telegram-flaw-access-secret-chats.html
#securityaffairs #hackingsecurityaffairs – Twitter – Feb 16 2021 22:14@ShielderSec #Telegram flaw could have allowed access to users secret chats
hxxps://securityaffairs[.]co/wordpress/114653/hacking/telegram-flaw-access-secret-chats.html
#securityaffairs #hacking
hxxps://securityaffairs[.]co/wordpress/114653/hacking/telegram-flaw-access-secret-chats.html
#securityaffairs #hackingsecurityaffairs – Twitter – Feb 16 2021 22:14@ShielderSec #Telegram flaw could have allowed access to users secret chats
hxxps://securityaffairs[.]co/wordpress/114653/hacking/telegram-flaw-access-secret-chats.html
#securityaffairs #hacking
Ongoing Campaigns
DDoS attacks in Q4 2020Securelist – Feb 16 2021 10:02News overview Cybercriminals are constantly on the lookout for means and methods to make attacks more destructive. In Q4 2020, Citrix ADC (application delivery controller) devices became one such tool, when perpetrators abused their DTLS interface….
Attacks targeting IT firms stir concern, controversyWeLiveSecurity RSS – Feb 17 2021 01:20The Exaramel backdoor, discovered by ESET in 2018, resurfaces in a campaign hitting companies that use an outdated version of a popular IT monitoring tool The post …
Microsoft: Web Shells Attacks Spreading Like WildfireCyware – Feb 16 2021 20:28From a tool for script kiddies to the arsenal of ransomware gangs and nation-state hackers, web shells have become crucial tools used by hackers in complex intrusions. Due to the versatility and access provided by web shells, the volume of such…
Preventing CSRF AttacksSecurity Bloggers Network – Feb 16 2021 17:45 Cross-site request forgery (CSRF, sometimes pronounced ???sea surf??? and not to be confused with…
Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
