18 May 2021

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
Conti Ransomware 16 54
Avaddon Ransomware 13 39
Revenge RAT 9 20
APT10 6 9
Async RAT 6 16
Vengeance Justice Worm 4 4
Lime RAT 4 4
Magecart Group 5 18
WannaCry Ransomware 6 30
NotPetya Ransomware 4 7
Data Breaches

‘Citygate Global’ Exposed Hundreds of Thousands of Customer Records
TechNadu – May 17 2021 08:03
A micro-financing organization in Nigeria has exposed 270 thousand sensitive customer records. The details include people’s credit card scores, transaction logs, full names, passwords, and more. The period of exposure was at least ten days, more than…

A botched server upgrade exposed Eufy video camera feeds to random users
The Record by Recorded Future – May 17 2021 18:08

Do consumers now feel more exposed than ever to the risk of fraud?
Help Net Security – News – May 18 2021 03:00
As the pandemic drove consumers online en masse to make purchases, consumer anxiety around fraud saw a considerable spike, according to a survey by Marqeta. The company surveyed 2,000 consumers across the United States and United Kingdom about…

NY: Student names, vendor bank account info exposed in Buffalo Public Schools cyber attack
DataBreaches.net – May 17 2021 11:50
Mary B. Pasciak reports: When ransomware hit the Buffalo Public Schools in March, the district told students and families that investigators had not determined that any personal information had been exposed. Two months later, investigators have found…

Hacker Groups

What are the factors creating investment opportunities in the Advanced Persistent Threat (APT) Protection Market
Beverage Manager – May 17 2021 09:29
The global advanced persistent threat protection (APT) market is valued at $20,290.7 million by 2027, surging from $4,346.1 million in 2019 at a healthy CAGR of 20.9%. Considering the abovementioned factors, leading APT platform providers like…

APT Hacker Group FIN7 Uses A Pentesting Tool to Infect Windows Machines
GBHackers On Security – RSS – May 17 2021 07:46

DarkSide Ransomware Gang Struck Down — but by Whom?
Security Bloggers Network – May 17 2021 17:55

Transparent Tribe APT adds new tool to its Windows malware arsenal
CyberSecurity Help – Blog – RSS – May 17 2021 08:57
The group updated its Windows malware toolkit with a new malware called ObliqueRAT.

Malware

Take action now – FluBot malware may be on its way
We Live Security » Languages » English – May 17 2021 13:00
Why FluBot is a major threat for Android users, how to avoid falling victim, and how to get rid of the malware if your device has already been compromised The post …

No one seems to be talking about MountLocker ransomware recently, while they keep updating it.
Most interesting probably recently is the “worm” feature…
cc @demonslay335 @VK_Intel hxxps://twitter[.]com/malwrhunterteam/status/1394377650936950786/photo/1
malwrhunterteam – Twitter – May 17 2021 19:41

FIN7: Active Again with New Lizar Backdoor
Cyware – May 17 2021 20:28
FIN7, a financially motivated cybercrime group, is active again and using the Lizar malware. This malware is a backdoor that targets Windows-based systems and harvests all kinds of information. It is spreading under the guise of a Windows pentesting…

Ransomware Attacks Growing at a Fast Rate
E Hacking News – May 17 2021 09:33
Ransomware has become a burning concern to every office in the world which wasn't even existing 30 years before. Probably there was never a danger of this kind. The fact that the ransomware gets stronger day by day, is the most profound concern. Curre…

Vulnerabilities

Making Zero-Day Flaws Disappear
BankInfoSecurity – May 17 2021 15:11
Maddie Stone of Google Describes Ways to Foil Exploit Writers Maddie Stone of Google's Project Zero bug hunting team says writing better software patches and using memory-safe language when coding applications can make it much more difficult for…

Cisco finally patches months-old VPN security flaw | TechRadar hxxps://www[.]techradar[.]com/news/cisco-finally-patches-months-old-vpn-security-flaw
Secnewsbytes – Twitter – May 17 2021 20:27

CVE-2021-3524 A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway) in versions before 14.2.21. The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag… hxxps://cve[.]mitre[.]org/cgi-bin/cvename.cgi?name=CVE-2021-3524
CVEnew – Twitter – May 17 2021 17:45

CVE-2021-3483 A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerabilit… hxxps://cve[.]mitre[.]org/cgi-bin/cvename.cgi?name=CVE-2021-3483
CVEnew – Twitter – May 17 2021 12:45

Ongoing Campaigns

Transparent Tribe Reappears with Expanded Malware Arsenal and TTPs
Cyware – May 17 2021 20:28
Transparent Tribe, an APT group, is now expanding its malware arsenal and victimology aimed at Windows devices. The APT group has been active since 2013 and is known to target Indian military and defense personnel with CrimsonRAT. However, the group…

Magecart Hackers Spreading Malicious PHP Web Shells
Cyware – May 18 2021 04:27
Magecart Group 12, a group of hackers who target online shops and e-commerce websites, is now spreading malicious PHP web shells masked as favicons. Web shells allow the group to maintain remote access to the targeted servers. Following this,…

Operations in Asia of insurance giant AXA have been impacted by a ransomware attack that involved data theft and DDoS attacks. hxxps://www[.]securityweek[.]com/axa-confirms-ransomware-attack-impacted-operations-asia
EduardKovacs – Twitter – May 17 2021 14:56

17th May – Threat Intelligence Report
Check Point Research – RSS – May 17 2021 18:11
For the latest discoveries in cyber research for the week of 17th May, please download our Threat Intelligence Bulletin. Top Attacks and Breaches Ireland’s Health Services Executive (HSE), a provider of health and…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.

Silobreaker Daily Cyber Alert
