18 January 2021

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
Sunspot Malware 6 65
Mylobot 2 2
Stuxnet 2 2
GravityRAT 1 3
IPStorm 1 4
OSAMiner 1 10
Winnti Group 1 8
TeamTNT 1 5
Turla APT Group 1 24
DarkSide Ransomware 1 33
Data Breaches

troyhunt – RT @haveibeenpwned: New breach: Employment website Jobandtalent had 11M records breached in 2018. Data included names, email and IP address…
troyhunt – Twitter – Jan 17 2021 22:35
RT @haveibeenpwned: New breach: Employment website Jobandtalent had 11M records breached in 2018. Data included names, email and IP addresses and salted SHA-1 passwords hashes. 55% were already in @haveibeenpwned. Read more:…

da_667 – I wasn’t exposed to a computer with internet access until I was 12. Didn’t have a computer with internet access in… https://t.co/rbTTQ6XHBA
da_667 – Twitter – Jan 17 2021 19:21
I wasn't exposed to a computer with internet access until I was 12. Didn't have a computer with internet access in our house until I was in my teens. I wanted to know how computers and the internet worked. Got into IT/sysadmin. pivoted to infosec…

BrianHonan – RT @newschambers: Over 100 people fined for breaching travel restrictions in Wicklow https://t.co/q2M8zCdqtK
BrianHonan – Twitter – Jan 17 2021 10:16
RT @newschambers: Over 100 people fined for breaching travel restrictions in Wicklow…

CyberScoopNews – US investigators say Russia is ‘likely’ the culprit for the SolarWinds breach. It’s a designation that matters fo… https://t.co/JhgZI88z2T
CyberScoopNews – Twitter – Jan 17 2021 11:31
US investigators say Russia is 'likely' the culprit for the SolarWinds breach. It's a designation that matters for national security. https://www.cyberscoop.com/solarwinds-fbi-dhs-russia-biden-trump/

Hacker Groups

TeamTNT Builds Botnet from Cloud Servers
Threat Intelligence on Medium – RSS – Jan 17 2021 16:22

anon_indonesia – The Anonymous Indonesia News Daily is out! https://t.co/fhBZB8BE74 #jakpost
anon_indonesia – Twitter – Jan 18 2021 03:14
The Anonymous Indonesia News Daily is out! https://paper.li/anon_indonesia/1435572762?edition_id=50b0f910-593b-11eb-aed6-002590a5ba2d #jakpost

What is UGNazi? Parler CEO John Matze, family forced into hiding after alleged death threats from hacking group
MEAWW – Jan 17 2021 12:23
Parler CEO John Maltzer and his family have gone into hiding following death threats and security breaches they have been facing from a group that Maltzer has identified as UGNazi, according to a court filing by Parler's legal team. The court filing…

UGNazi Hacker Group Targets Parler CEO John Matze and Threatens to Come at His Front Door
IBTimes Singapore – Jan 17 2021 08:13
The CEO of a conservative social media app Parler John Matze and his family have gone into hiding after receiving death threats and harassment. According to him, a well-known hacker group, UGNazi, has targeted him. As per a new court filing on Friday,…

Malware

Ransomware reveals the hidden weakness of our big tech world
ZDNet Security – Jan 17 2021 23:00
The flaws we have long overlooked are the ones that ransomware has exploited to brutal impact.

Malware incidents on remote devices increase
Help Net Security – News – Jan 18 2021 04:30
52% of organizations experienced a malware incident on remote devices in 2020, up from 37% in 2019, a Wandera report reveals. Of devices compromised by malware in 2020, 37% continued accessing corporate emails after being compromised and 11%…

mikko – Twitter – Jan 17 2021 21:13
@p3rfact Well, there’s been malware which has shared code with Stuxnet…but we haven’t found anything I would describe as a copycat.

malware_traffic – @m1ru1 Emotet is both an information stealer -and- malware dropper. In most cases, I get some sort of follow-up ma… https://t.co/sWNmhmUEMv
malware_traffic – Twitter – Jan 17 2021 18:07
@m1ru1 Emotet is both an information stealer -and- malware dropper. In most cases, I get some sort of follow-up malware from an Emotet infection if I run the infection long enough. Emotet also has other functions it can use. The one I notice most…

Vulnerabilities

Unvalidated User Input in MS SharePoint 2019 (CVE-2020-1456)
Reddit – Netsec – Jan 17 2021 17:25
submitted by /u/slashcrypto

CVE-2020-9971 Abusing XPC Service mechanism to elevate privilege in macOS/iOS
Reddit – Netsec – Jan 17 2021 10:21
submitted by /u/0xdea

Critical flaws in Orbit Fox WordPress plugin allows site takeover
Security Affairs – Jan 17 2021 13:46
Two vulnerabilities in the Orbit Fox WordPress plugin, a privilege-escalation issue and a stored XSS bug, can allow site takeover. Security experts from Wordfence have discovered two security vulnerabilities in the Orbit Fox WordPress plugin. The…

Dinosn – Unvalidated User Input in MS SharePoint 2019 (CVE-2020-1456) https://t.co/f7ObiD4zLy
Dinosn – Twitter – Jan 18 2021 06:10
Unvalidated User Input in MS SharePoint 2019 (CVE-2020-1456) https://slashcrypto.org/2021/01/15/CVE-2020-1456/

Ongoing Campaigns

Security Affairs newsletter Round 297
Security Affairs – Jan 17 2021 11:20
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box….

Week in review: Pen testing, Sunspot malware, Microsoft plugs Defender zero-day
Help Net Security – News – Jan 17 2021 10:20
Here’s an overview of some of last week’s most interesting news and articles: Top videoconferencing attacks and security best practices Videoconferencing has become a routine part of everyday life for remote workers, students, and…

Scottish Environmental Protection Agency hit by ransomware attack
SiliconANGLE – Jan 18 2021 03:44
The Scottish Environmental Protection Agency has revealed that it was struck by a ransomware attack on Christmas Eve that shut down its internal networks. The form of the ransomware attack was not disclosed, but the attack was detected at 12:01 a.m….

InfoSecHotSpot – Week in review: Pen testing, Sunspot malware, Microsoft plugs Defender zero-day Here’s an overview of some of last… https://t.co/hDUj79JmmV
InfoSecHotSpot – Twitter – Jan 17 2021 13:58
Week in review: Pen testing, Sunspot malware, Microsoft plugs Defender zero-day Here’s an overview of some of last week’s most interesting news and articles: Top videoconferencing attacks and security best practices Videoconferencing has become a…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.

Silobreaker