17 March 2021

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
PYSA Ransomware 15 15
Mustang Panda 12 12
RedDelta 9 9
Mirai Trojan 9 13
FluBot Android Banking Trojan 7 13
Sunburst Backdoor 12 16
Magecart Group 5 5
WannaCry Ransomware 8 24
ZHtrap 4 15
Dridex Malware 4 11
Data Breaches
RT @Secnewsbytes: smogcloud: Find exposed AWS cloud assets • Penetration Testing hxxps://securityonline[.]info/smogcloud-find-exposed-aws-cloud-assets/
Secnewsbytes – Twitter – Mar 16 2021 12:49

Experts On MoD Information Exposed To Hostile States
Information Security Buzz – Mar 16 2021 12:47
It was recently revealed that secret information from the Ministry of Defence has been continuously exposed to hostile states because they were transferred from secure networks to personal email accounts. It… The ISBuzz Post: This Post…

Sensitive data from US shipping management software firm exposed online
HackRead – Mar 16 2021 14:26
According to researchers, 103 GB worth of data belonging to New Jersey-based Descartes Aljex Software was left exposed on a misconfigured AWS S3 Bucket. During their routine server scans for potential vulnerabilities, the Website Planet Team discovered…

21 months after a ransomware attack, a business associate breach first shows up on HHS’s breach tool. Here’s why.
Office of Inadequate Security – Mar 16 2021 17:05
HIPAA Journal reports on an incident that is illustrative of the challenges entities may face in the wake of a ransomware…

Hacker Groups
Microsoft Releases Exchange On-Premises Mitigation Tool to Address Hafnium Attacks Quickly
Tweaks.com – Mar 16 2021 21:24
Microsoft on Tuesday announced the release of a one click tool to apply temporary security protections against the recent Exchange Server attacks from the Hafnium advanced persistent threat group and other attackers. The Hafnium purported nation state…

Microsoft releases one-click mitigation tool for “Hafnium” Exchange vulnerability
Tweaks.com – Mar 16 2021 15:26
Microsoft has taken an important new step to help customers protect themselves against the “Hafnium” Exchange vulnerability with the release of a new one click mitigation tool. This follows the release of a previous update for its Exchange Server…

McAfee uncovers espionage campaign aimed at major telecommunication companies The security company said the attacks were attributed to RedDelta and Mustang Panda, both of which are allegedly based in China. hxxps://tek[.]io/3tn0ouu hxxps://twitter[.]com/InfoSecHotSpot/status/1372060450687434757/photo/1
InfoSecHotSpot – Twitter – Mar 17 2021 05:41

Magecart Attackers Save Stolen Credit-Card Data in .JPG File
Threatpost.com – Mar 16 2021 16:40
Researchers from Sucuri discovered the tactic, which creatively hides malicious activity until the info can be retrieved, during an investigation into a compromised Magento 2 e-commerce site.

Malware
New Mirai Variant and ZHtrap Botnet Malware Emerge in the Wild
THN : The Hacker News – Mar 16 2021 10:32
Cybersecurity researchers on Monday disclosed a new wave of ongoing attacks exploiting multiple vulnerabilities to deploy Mirai variants on compromised systems. "Upon successful exploitation, the attackers try to download a malicious shell script,…

DearCry! Ransomware analysis
Reverse Engineering – Mar 16 2021 21:54
submitted by /u/Trolling_turd

FBI Warns of PYSA Ransomware Attacks on Education Institutions in US, UK
SecurityWeek RSS Feed – Mar 17 2021 04:30
An alert issued on Tuesday by the FBI warns about an increase in PYSA ransomware attacks on education institutions in the United States and the United Kingdom. …

New Enhancements in Darkside Ransomware: How Far will it Go?
Cyware – Mar 16 2021 20:28
Operators of the Darkside ransomware claim to have updated their malware with several enhancements in an attempt to promote this ransomware-as-a-service. Darkside 2.0 features quite a few enhancements. What was discovered? A message posted by the…

Vulnerabilities
Microsoft Windows Containers DP API Cryptography Flaw
Exploit Files ≈ Packet Storm – Mar 16 2021 14:20
Microsoft Windows Containers suffers from a DP API design flaw where encryption keys are shared and reused between images.

Google disclose another Chrome zero-day flaw
IT Security Guru – Mar 16 2021 10:56
Google is warning Mac, Windows and Linux users of a third zero-day flaw that has been found in Google Chrome. This is the third Google Chrome zero-day vulnerability to be disclosed in the past three months. The flaw, tracked as CVE-2021-21193, has a…

CVE-2021-20218 A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client `copy` command to extract files outside the working path. T… hxxps://cve[.]mitre[.]org/cgi-bin/cvename.cgi?name=CVE-2021-20218
CVEnew – Twitter – Mar 16 2021 22:45

CVE-2021-3344 A privilege escalation flaw was found in OpenShift builder. During build time, credentials outside the build context are automatically mounted into the container image under construction. An OpenShift user, able to execute code during buil… hxxps://cve[.]mitre[.]org/cgi-bin/cvename.cgi?name=CVE-2021-3344
CVEnew – Twitter – Mar 16 2021 23:45

Ongoing Campaigns
Another Mirai variant used in attempted hacks on routers, switches
Cyberscoop – News – Mar 16 2021 16:04
Four years after being used in one of the most powerful distributed denial-of-service attacks on record, the so-called Mirai malware continues to haunt the internet. Researchers on Monday evening revealed that attackers used a new variant of…

Rushed to Market: DearCry Ransomware Targeting Exchange Bug
BankInfoSecurity – Mar 16 2021 14:41
'Unsophisticated' Code Has Scant…

FBI warns of escalating Pysa ransomware attacks on education orgs
MalwareTips.com – Mar 16 2021 16:37
The Federal Bureau of Investigation (FBI) Cyber Division has warned system administrators and cybersecurity professionals of increased Pysa ransomware activity targeting educational…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
