20 January 2021

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
Teardrop Dropper 14 14
DeroHE Ransomware 6 16
VPNFilter Malware 5 5
TinyMet 4 4
Meterpreter Stager 4 4
UNC2452 8 11
Stuxnet 4 6
SDBbot RAT 3 3
Sunburst Backdoor 18 35
Maze Ransomware 3 7
Data Breaches
X-rated social media app Fleek exposed explicit photos of users
HackRead – Jan 19 2021 16:34
By Waqas
Fleek shut down its operation in 2019 but did not secure its server, nor did the company remove users' data. Here's what was leaked. This is a post from HackRead.com. Read the original post: …

Flaws in widely used dnsmasq software leave millions of Linux-based devices exposed
CSO Magazine – Jan 19 2021 12:27
Security researchers have found several serious vulnerabilities in dnsmasq, a utility used in many Linux-based systems, especially routers and other IoT devices, to provide DNS services. Attackers can exploit the flaws to redirect users to rogue…

AnyVan confirms digital break-in, says customer names, emails and hashed passwords exposed
The Register – Jan 19 2021 09:05
Burglary took place 3 months before biz discovered unauthorised entry
Anyvan, the European online marketplace that lets users buy delivery, transport or removal services from a network of providers, has confirmed it was the victim of a digital…

Snowden – RT @wikileaks: Watch: Joe Rogan on Assange: “He exposed horrific crimes – he exposed things that US citizens are deeply opposed to” | @joer…
Snowden – Twitter – Jan 19 2021 21:06
RT @wikileaks: Watch: Joe Rogan on Assange: "He exposed horrific crimes – he exposed things that US citizens are deeply opposed to" | @joerogan #pardonassangeNOW https://twitter.com/wikileaks/status/1351635521328574476/video/1

Hacker Groups
FireEye report re: UNC2452 remediation
Australian Cyber Security Magazine – RSS – Jan 20 2021 01:13
In December 2020, FireEye uncovered and disclosed publicly a widespread attacker campaign that is being tracked as UNC2452. In some, but not all, of the intrusions associated with this campaign where Mandiant has visibility, the attacker used…

Persistent malvertising attacker DCCBoost raged as the year faded
Threat Intelligence on Medium – RSS – Jan 19 2021 18:51

Raindrop loader used in Solarigate. SideWinder activities. Charming Kitten phishing campaign.
The CyberWire – Jan 19 2021 21:06
At a glance. FreakOut botnet targets recently disclosed CVEs. Ransomware predictions. Classiscam exported from Russia. Raindrop loader used in Solarigate. Researchers at Symantec describe "Raindrop," a malware loader used in the Solarigate…

Malware
Hundreds of Networks Still Host Devices Infected With VPNFilter Malware
SecurityWeek RSS Feed – Jan 19 2021 18:25
The VPNFilter malware is still present in hundreds of networks and malicious actors could take control of the infected devices, according to researchers at cybersecurity firm Trend Micro. …

SecurityWeek – Hundreds of Networks Still Host Devices Infected With VPNFilter Malware https://t.co/nzwEjFawW4
SecurityWeek – Twitter – Jan 19 2021 18:26
Hundreds of Networks Still Host Devices Infected With VPNFilter Malware https://www.securityweek.com/hundreds-networks-still-host-devices-infected-vpnfilter-malware

Securityblog – Hundreds of Networks Still Host Devices Infected With VPNFilter Malware | https://t.co/08MJfOsUA9 https://t.co/gYwZNEt0cd
Securityblog – Twitter – Jan 19 2021 18:50
Hundreds of Networks Still Host Devices Infected With VPNFilter Malware | http://SecurityWeek.Com https://www.securityweek.com/hundreds-networks-still-host-devices-infected-vpnfilter-malware

Hackers compromised IObit forum to spread DeroHE ransomware
HackRead – Jan 19 2021 18:59
By Waqas
Over the weekend, Windows utility developer IObit was hacked to facilitate a widespread attack for distributing the DeroHE ransomware. This is a post from HackRead.com. Read the original post: …

Vulnerabilities
Microsoft to Launch ‘Enforcement Mode’ for Zerologon Flaw
Dark Reading – All Stories – Jan 19 2021 22:25
Enforcement mode for the Netlogon Domain Controller will be enabled by default with the Feb. 9 security update.

Secnewsbytes – Microsoft Implements Windows Zerologon Flaw ‘Enforcement Mode’ | Threatpost https://t.co/jdfEY9DvSO
Secnewsbytes – Twitter – Jan 19 2021 19:13
Microsoft Implements Windows Zerologon Flaw 'Enforcement Mode' | Threatpost https://threatpost.com/microsoft-implements-windows-zerologon-flaw-enforcement-mode/163104/

cybersecboardrm – Microsoft to Launch ‘Enforcement Mode’ for Zerologon Flaw #Cybersecurity #security https://t.co/lIFYYYV40r
cybersecboardrm – Twitter – Jan 20 2021 04:42
Microsoft to Launch 'Enforcement Mode' for Zerologon Flaw #Cybersecurity #security https://www.darkreading.com/vulnerabilities---threats/microsoft-to-launch-enforcement-mode-for-zerologon-flaw/d/d-id/1339933

DarkReading – Microsoft to Launch ‘Enforcement Mode’ for Zerologon Flaw https://t.co/yDzITjhLXE #Microsoft #Windows #vulnerability #Zerologon
DarkReading – Twitter – Jan 19 2021 22:37
Microsoft to Launch 'Enforcement Mode' for Zerologon Flaw http://ow.ly/Tlgv50DcUX5 #Microsoft #Windows #vulnerability #Zerologon

Ongoing Campaigns
Vishing attacks conducted to steal corporate accounts, FBI warns
Security Affairs – Jan 19 2021 12:17
The Federal Bureau of Investigation (FBI) has issued a notification warning of ongoing vishing attacks attempting to steal corporate accounts. The Federal Bureau of Investigation (FBI) published a Private Industry Notification (PIN) that warns of…

BrandPost: Why Supply Chain Attacks Are So Destructive
CSO Magazine – Jan 19 2021 15:52
What are supply chain attacks and why can they be so damaging? In this first installment of our blog series, we'll identify some common elements of a supply chain attack and how you can discover these attacks in the early stages. What is a Supply…

FBI Warns of Increase in Vishing Attacks
BankInfoSecurity – Jan 19 2021 19:11
Hackers Attempt to Collect VPN Credentials
The FBI is warning that hackers are increasingly using voice phishing, or vishing, to target remote and at-home workers as a way of harvesting VPN and other credentials to gain initial access to corporate…

FireEye Releases New Open Source Tool in Response to SolarWinds Hack
Security Week – Jan 19 2021 19:17
FireEye Mandiant on Tuesday announced the release of an open source tool designed to check Microsoft 365 tenants for the use of techniques associated with UNC2452, the name currently assigned by the cybersecurity firm to the threat group that…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
