18 February 2021
This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.
Heat – Trending Malware and Threat Actors
| Name | Heat 1 | Heat 7 | Vol 1 | Vol 7 |
|---|---|---|---|---|
| Lazarus Group |  |
 |
19 | 23 |
| APOMacroSploit | |
 |
10 | 11 |
| WannaCry Ransomware | |
|
12 | 14 |
| AppleJeus Trojan | |
|
9 | 9 |
| DoppelPaymer Ransomware | |
|
10 | 12 |
| Bluenoroff | |
|
6 | 6 |
| Clop Ransomware | |
|
7 | 14 |
| MassLogger |  |
|
4 | 4 |
| Exaramel Backdoor |  |
|
4 | 38 |
| Conti Ransomware | |
|
4 | 12 |
Data Breaches
Hundreds of Thousands Immigration and COVID Records Exposed in JamaicaSecurity Bloggers Network – Feb 18 2021 01:49Jamaica just experienced a massive data breach that exposed the immigration and COVID-19 records of hundreds of thousands of people who visited the island over the past year. Much of the information found on the exposed server was from Americans….
Healthcare breaches increased over 50% in 2020Help Net Security – News – Feb 18 2021 05:30In 2020, there were 599 healthcare breaches that collectively affected over 26 million individuals. Bitglass’ report takes an in-depth look at the breaches that healthcare organizations faced, comparing them to previous years and revealing key…
Simon Fraser University says server breach exposed ‘personally identifiable’ information | CBC News hxxps://www[.]cbc[.]ca/news/canada/british-columbia/simon-fraser-university-warns-cyberattack-exposed-personal-information-of-students-and-staff-1.5916153?__vfz=medium%3DsharebarMetacurity – Twitter – Feb 17 2021 17:41Simon Fraser University says server breach exposed 'personally identifiable' information | CBC News…
Ca: Simon Fraser University warns cyberattack exposed personal information of about 200,000 students, staff and alumniDataBreaches.net – Feb 17 2021 13:27CBC reports: Simon Fraser University is warning its school community about a cyberattack that breached a server which stored information on student and employee ID numbers and other data, including admissions or academic standing. The school says…
Hacker Groups
RT @VICE: The Chuckling Squad has targeted celebrities and other high-profile social media users with SIM swapping attacks.
hxxps://bit[.]ly/3rXWGa3Secnewsbytes – Twitter – Feb 17 2021 08:45RT @VICE: The Chuckling Squad has targeted celebrities and other high-profile social media users with SIM swapping attacks.
hxxps://bit[.]ly/3rXWGa3
hxxps://bit[.]ly/3rXWGa3Secnewsbytes – Twitter – Feb 17 2021 08:45RT @VICE: The Chuckling Squad has targeted celebrities and other high-profile social media users with SIM swapping attacks.
hxxps://bit[.]ly/3rXWGa3
RT @k_sec: Lazarus/Bluenoroff/APT38 indictments hxxps://www[.]justice[.]gov/opa/pr/three-north-korean-military-hackers-indicted-wide-ranging-scheme-commit-cyberattacks-andgh0std4ncer – Twitter – Feb 17 2021 22:23RT @k_sec: Lazarus/Bluenoroff/APT38 indictments hxxps://www[.]justice[.]gov/opa/pr/three-north-korean-military-hackers-indicted-wide-ranging-scheme-commit-cyberattacks-and
Interview: Unistellar scientific officer discusses near-Earth asteroidsFox40 KTXL – Feb 17 2021 17:50Earth spiked a bit of a fever in 2020, partly because of cleaner air from the pandemic lockdown, a new study found. For a short time, temperatures in some places in the eastern United States, Russia and China were as much as half to two-thirds of a…
RT @campuscodi: US charges two more members of the ‘Lazarus’ North Korean hacking group
-the charges expand an initial indictment against a first Lazarus member from 2018
-they also charged a money mule that laundered funds from Lazarus heists
hxxps://www[.]zdnet[.]com/article/us-charges-two-more-members-of-the-lazarus-north-korean-hacking-group/ hxxps://twitter[.]com/campuscodi/status/1362093200161333255/photo/1
LixaH_CL – Twitter – Feb 17 2021 17:35RT @campuscodi: US charges two more members of the 'Lazarus' North Korean hacking group-the charges expand an initial indictment against a first Lazarus member from 2018
-they also charged a money mule that laundered funds from Lazarus…
Malware
Kia Faces $20M DoppelPaymer Ransomware AttackDark Reading: – Feb 17 2021 20:50Kia Motors America this week experienced a nationwide IT outage; now, reports indicate the company was hit with ransomware.
Egregor Arrests a Blow, But Ransomware Will Likely Bounce BackDark Reading: – Feb 17 2021 23:30Similar to previous ransomware takedowns, this disruption to the ransomware-as-a-service model will likely be short-lived, security experts say.
Researchers Unmask Hackers Behind APOMacroSploit Malware BuilderTHN : The Hacker News – Feb 17 2021 12:02Cybersecurity researchers have disclosed a new kind of Office malware distributed as part of a malicious email campaign that targeted more than 80 customers worldwide in an attempt to control victim machines and steal information remotely. The tool —…
Egregor ransomware takes a hit after arrests in UkraineCSO Magazine – Feb 17 2021 22:23A cybercriminal group associated with the Egregor ransomware was dismantled in Ukraine following a joint action by US, French and Ukrainian authorities. The website used by the Egregor group to post information about victims in an attempt to coerce…
Vulnerabilities
Apple Patches Flaw in macOS Big Sur UpgradeBankInfoSecurity – Feb 17 2021 22:11Vulnerability Could Lead to Data Loss Apple has patched a vulnerability in macOS Big Sur 11.2 and 11.3 upgrades that could have resulted in users getting stuck in a boot loop, suffering serious data loss and potentially getting locked out of their…
#Telegram flaw could have allowed access to users secret chats
hxxps://securityaffairs[.]co/wordpress/114653/hacking/telegram-flaw-access-secret-chats.html
#securityaffairs #hackingsecurityaffairs – Twitter – Feb 17 2021 20:21#Telegram flaw could have allowed access to users secret chats
hxxps://securityaffairs[.]co/wordpress/114653/hacking/telegram-flaw-access-secret-chats.html
#securityaffairs #hacking
hxxps://securityaffairs[.]co/wordpress/114653/hacking/telegram-flaw-access-secret-chats.html
#securityaffairs #hackingsecurityaffairs – Twitter – Feb 17 2021 20:21#Telegram flaw could have allowed access to users secret chats
hxxps://securityaffairs[.]co/wordpress/114653/hacking/telegram-flaw-access-secret-chats.html
#securityaffairs #hacking
File Sharing App SHAREit for Android Has Remote Code FlawBankInfoSecurity – Feb 17 2021 17:42Trend Micro: Users Face Risk of Data…
OpenSSL updates patch three vulnerabilities, including two DoS flaws and one incorrect SSL rollback protection issue. hxxps://www[.]securityweek[.]com/three-new-vulnerabilities-patched-opensslEduardKovacs – Twitter – Feb 17 2021 09:52OpenSSL updates patch three vulnerabilities, including two DoS flaws and one incorrect SSL rollback protection issue. hxxps://www[.]securityweek[.]com/three-new-vulnerabilities-patched-openssl
Ongoing Campaigns
Kia Motors America allegedly struck by DoppelPaymer ransomware attackSiliconANGLE – Feb 18 2021 02:51Kia Motors America Inc. has been allegedly struck by a DoppelPaymer ransomware attack with a 404 bitcoin ($20 million) ransom payment being demanded. First reported by Bleeping Computer, the first signs of an attack appeared with a nationwide IT…
Attacks targeting IT firms stir concern, controversy The Exaramel backdoor, discovered by ESET in 2018, resurfaces in a campaign hitting companies that use an outdated version of a popular IT monitoring tool The post Attacks targeting IT firms stir con… hxxps://bit[.]ly/3puxhD6 hxxps://twitter[.]com/InfoSecHotSpot/status/1362011795968376840/photo/1InfoSecHotSpot – Twitter – Feb 17 2021 12:11Attacks targeting IT firms stir concern, controversy The Exaramel backdoor, discovered by ESET in 2018, resurfaces in a campaign hitting companies that use an outdated version of a popular IT monitoring tool The post Attacks targeting IT firms stir…
Beware of These New Waves of Phishing Attacks – Warn AgenciesCyware – Feb 17 2021 18:23Cybercriminals are now uniformly adapting techniques to spread phishing emails on a larger scale. Recently, several tech companies and government agencies have issued warnings about ongoing phishing attacks laden with malicious attachments and social…
Trickbot’s Sibling, Bazarbackdoor, is Hunting Down its Targets VigorouslyCyware – Feb 17 2021 18:23In the fast-paced world of cybersecurity, most malware get a brief period in the spotlight before falling into oblivion. However, this is not the case with TrickBot. Despite the takedown attempt last year, reports suggested that the creators made…
Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
