20 May 2021

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
Mount Locker Ransomware 14 22
Bizarro Banking Trojan 9 36
Conti Ransomware 11 78
Qlocker Ransomware 6 7
Wizard Spider 3 5
Judge Ransomware 3 10
NoCry Ransomware 3 10
Hafnium Group 4 6
WARZONE RAT 2 2
Hermes Ransomware 2 2
Data Breaches
Bug Exposed Eufy Camera Private Feeds to Random Users
Threatpost.com – May 19 2021 13:28
Customers panic and question parent company Anker’s security and privacy practices after learning their home videos could be accessed and even controlled by strangers due to a server-upgrade glitch.

Wyoming Health Director, Tech Officer Quit After Data Leak
Office of Inadequate Security – May 19 2021 12:05
Mead Gruver of AP reports: Wyoming’s health director and chief information officer have resigned after a data leak involving…

Tens of thousands of jobseekers have had their personal information exposed by a misconfigured cloud account, according to researchers >> hxxps://bit[.]ly/3bD0HLb #databreach #dataprotection #cybersecurity #infosec
InfosecurityMag – Twitter – May 19 2021 17:00

Hacker Groups
DarkSide Ransomware Gang Extorted $90 Million from Several Victims in 9 Months
THN : The Hacker News – May 19 2021 14:20
DarkSide, the hacker group behind the Colonial Pipeline ransomware attack earlier this month, received $90 million in bitcoin payments following a nine-month ransomware spree, making it one of the most profitable cybercrime groups. "In total, just…

Virtual 110 Labs event aims to help York Region entrepreneurs bring goals to life
York Region.com – May 19 2021 21:32
Program is a 13-week incubator program organized by Tijarat-al-Raabehah (TaR) Toronto.

Is DarkSide Really Sorry? Is It Even DarkSide?
Rand – May 19 2021 21:39
“We are apolitical, we do not participate in geopolitics, do not need to tie us with a defined government and look for other our motives. Our goal is to make money and not creating problems for society.” That may sound like satire, but it is how the…

‘TeamTNT’ Has a New Credential Harvester Targeting Cloud Services on the Loose
TechNadu – May 19 2021 11:02
‘TeamTNT’ is using a new harvester that targets a wide spectrum of cloud services and software apps. The actors are still targeting Monero wallets and configuration files and are still DDoSing some victims. The hacking group that started as an…

Malware
If you thought what’s going on with ransomware can’t get worse, check this article about an update to MountLocker that makes it “corporate ransomware for professionals”.
malwrhunterteam – Twitter – May 19 2021 07:43

MountLocker ransomware uses Windows API to worm through networks
BleepingComputer.com – May 19 2021 07:31
The MountLocker ransomware operation now uses enterprise Windows Active Directory APIs to worm through networks. […]

RT @malwrhunterteam: If you thought what’s going on with ransomware can’t get worse, check this article about an update to MountLocker that makes it “corporate ransomware for professionals”.
gh0std4ncer – Twitter – May 19 2021 07:45

RT @malwrhunterteam: If you thought what’s going on with ransomware can’t get worse, check this article about an update to MountLocker that makes it “corporate ransomware for professionals”. hxxps://twitter[.]com/BleepinComputer/status/1394918791319068675
malwrhunterteam – Twitter – May 19 2021 18:44

Vulnerabilities
CVE-2021-3445 A flaw was found in libdnf’s signature verification functionality in versions before 0.60.1. This flaw allows an attacker to achieve code execution if they can alter the header information of an RPM package and then trick a user or system … hxxps://cve[.]mitre[.]org/cgi-bin/cvename.cgi?name=CVE-2021-3445
CVEnew – Twitter – May 19 2021 14:45

CVE-2021-3421 A flaw was found in the RPM package in the read functionality. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package or compromise an RPM repository, to cause RPM database corruption. The highest … hxxps://cve[.]mitre[.]org/cgi-bin/cvename.cgi?name=CVE-2021-3421
CVEnew – Twitter – May 19 2021 14:45

Cequence helps enterprises guard against recent API flaw exploitation
SiliconANGLE – May 19 2021 15:46
Application programming interfaces, or APIs, are great for introducing services to new customers, making it easier to publish content fast and sharing information cross-platform. However, APIs aren’t so great for security. Consumer-focused companies…

CVE-2021-3517 There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigg… hxxps://cve[.]mitre[.]org/cgi-bin/cvename.cgi?name=CVE-2021-3517
CVEnew – Twitter – May 19 2021 14:45

Ongoing Campaigns
3.4 billion credential stuffing attacks hit financial services organizations
Help Net Security – News – May 20 2021 03:00
Akamai published a report that provides an analysis of both global and financial services-specific web application and credential stuffing attack traffic, revealing significant increases across the attack surfaces year over year from 2019 to 2020….

Digital transformation and the growth of DDoS attacks
Information Age – May 19 2021 10:19
Steinthor Bjarnason, principal security engineer at NETSCOUT, discusses the rise of distributed denial-of-service (DDoS) attacks attacking digital transformation initiatives. The attack surface has grown, meaning more areas for threat actors to target….

Probe Into Florida Water Plant Hack Led to Discovery of Watering Hole Attack
SecurityWeek RSS Feed – May 19 2021 14:36
An investigation conducted by industrial cybersecurity firm Dragos into the recent cyberattack on the water treatment plant in Oldsmar, Florida, led to the discovery of a watering hole attack that initially appeared to be aimed at water…

Conti ransomware gang also breached Ireland Department of Health (DoH)
Security Affairs – May 19 2021 11:33
Conti ransomware also breached the network of Ireland’s Department of Health (DoH) but the ransomware failed to encrypt the systems. Last week, Conti ransomware gang targeted the Ireland’s …

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.

Silobreaker Daily Cyber Alert
