21 December 2020

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
Pegasus Malware 5 7
Flame Malware 2 4
SUPERNOVA Webshell 3 26
Clop Ransomware 2 2
CactusTorch 1 1
Zebrocy Group 1 2
Magecart Malware 1 4
NotPetya Ransomware 2 22
SystemBC Malware 2 33
FIN11 1 3
Data Breaches
Dinosn – Facebook bug exposed email addresses of Instagram users https://t.co/u5BAgFR5qPDinosn – Twitter – Dec 20 2020 14:03Facebook bug exposed email addresses of Instagram users https://www.hackread.com/facebook-bug-exposed-instagram-user-email-addresses/
helpnetsecurity – 45 million medical images left exposed online – https://t.co/AfhQAdyou0 – @CybelAngel #cybersecurity #security… https://t.co/jRPxG9Digwhelpnetsecurity – Twitter – Dec 20 2020 11:0045 million medical images left exposed online – https://www.helpnetsecurity.com/2020/12/16/45-million-medical-images-left-exposed-online/ – @CybelAngel #cybersecurity #security #infosecurity #itsecurity #CISO #cybersecuritynews #securitynews…
ZDNet – A Microsoft executive accidentally exposed one of the ugly truths of tech https://t.co/J7aAk6fYh5ZDNet – Twitter – Dec 20 2020 19:00A Microsoft executive accidentally exposed one of the ugly truths of tech…
ZDNet – A Microsoft executive accidentally exposed one of the ugly truths of tech https://t.co/rGvLA2maemZDNet – Twitter – Dec 20 2020 14:45A Microsoft executive accidentally exposed one of the ugly truths of tech…
Hacker Groups
Securityblog – RT @Unit42_Intel: SUPERNOVA, SolarStorm’s .NET webshell, uses tactics and techniques that support the hypothesis of an advanced persistent…Securityblog – Twitter – Dec 20 2020 15:53RT @Unit42_Intel: SUPERNOVA, SolarStorm's .NET webshell, uses tactics and techniques that support the hypothesis of an advanced persistent threat. https://bit.ly/3ayPRqb https://twitter.com/Unit42_Intel/status/1340468467477180416/photo/1
AnonymousSwizz – RT @PorksterCdC: How The Cult of The Dead Cow Helped Shape Modern Cybersecurity | Joseph … https://t.co/BcLY1GXSdn via @YouTubeAnonymousSwizz – Twitter – Dec 20 2020 16:23RT @PorksterCdC: How The Cult of The Dead Cow Helped Shape Modern Cybersecurity | Joseph … https://youtu.be/QvZuAwLIsEo via @YouTube
anon_indonesia – The Anonymous Indonesia News Daily is out! https://t.co/xcPRkFZpdn Stories via @Cyber_War_News #jakpostanon_indonesia – Twitter – Dec 21 2020 03:14The Anonymous Indonesia News Daily is out! https://paper.li/anon_indonesia/1435572762?edition_id=af27aff0-433a-11eb-a9a9-002590a5ba2d Stories via @Cyber_War_News #jakpost
20committee – RT @20committee: People have been asking me for my take on the APT29 / CozyBear / SVR mega-hack of USG (and many others).

It’s a serious c…20committee – Twitter – Dec 20 2020 18:54RT @20committee: People have been asking me for my take on the APT29 / CozyBear / SVR mega-hack of USG (and many others).

It's a serious cyber-defeat for DC. And a big win for Moscow. Read about it here.

I've made it open to all, since it's an…

Malware
Flavors designer Symrise halts production after Clop ransomware attackBleepingComputer.com – Dec 20 2020 19:20Flavor and fragrance developer Symrise has suffered a Clop ransomware attack where the attackers allegedly stole 500 GB of unencrypted files and encrypted close to 1,000 devices. […]
craiu – 1/10 A thread on the SUPERNOVA malware / webshell, potentially used by another group of attackers in the Solarwinds hack. 👉craiu – Twitter – Dec 20 2020 11:261/10 A thread on the SUPERNOVA malware / webshell, potentially used by another group of attackers in the Solarwinds hack. 👉
SecurityWeek – Ransomware Gangs Use Tor Backdoor Named ‘SystemBC’ in Attacks https://t.co/ecoRWI4W0xSecurityWeek – Twitter – Dec 20 2020 14:52Ransomware Gangs Use Tor Backdoor Named 'SystemBC' in Attacks https://www.securityweek.com/ransomware-gangs-use-systembc-tor-backdoor-attacks
ulexec – RT @campuscodi: Microsoft has finally published its own deep dive into the SUNBURST/Solorigate malware

Took a while, but it delivers all t…ulexec – Twitter – Dec 21 2020 02:31RT @campuscodi: Microsoft has finally published its own deep dive into the SUNBURST/Solorigate malware

Took a while, but it delivers all the details you…

Vulnerabilities
CyberScoopNews – 33 connectivity flaws render millions of IT, IoT devices vulnerable https://t.co/L17G2DpEnu by @timstarksCyberScoopNews – Twitter – Dec 20 2020 18:3033 connectivity flaws render millions of IT, IoT devices vulnerable https://hubs.ly/H0CSNXD0 by @timstarks
Dinosn – Adding cat gifs to the DIR-820L using CVE-2015-1187 and a firmware emulator
https://t.co/ItrwGZ7ND1
Dinosn – Twitter – Dec 20 2020 13:57Adding cat gifs to the DIR-820L using CVE-2015-1187 and a firmware emulator
https://breaking-bits.gitbook.io/breaking-bits/recreating-cve-2015-1187-in-the-dir-820l
securityaffairs – 5 million #WordPress sites potentially impacted by a #ContactForm 7 flaw
https://t.co/NfXEnV9t9z
#securityaffairs #hacking
securityaffairs – Twitter – Dec 20 2020 09:515 million #WordPress sites potentially impacted by a #ContactForm 7 flaw

5 million WordPress sites potentially impacted by a Contact Form 7 flaw


#securityaffairs #hacking

Developed By Fluent Technology Auth by pass VulnerabilityWLB2 Database – CXSecurity.com – Dec 20 2020 18:34Topic: Developed By Fluent Technology Auth by pass Vulnerability Risk: Medium Text: | # Title : Developed By Fluent Technology Auth by pass Vulnerability …
Ongoing Campaigns
Securityblog – RT @thegrugq: We heard you liked supply chain attacks. So we put a supply chain attack in your supply chain attack, so you could get hacked…Securityblog – Twitter – Dec 20 2020 18:20RT @thegrugq: We heard you liked supply chain attacks. So we put a supply chain attack in your supply chain attack, so you could get hacked while you were getting hacked.
sureshdr – RT @thegrugq: We heard you liked supply chain attacks. So we put a supply chain attack in your supply chain attack, so you could get hacked…sureshdr – Twitter – Dec 20 2020 09:11RT @thegrugq: We heard you liked supply chain attacks. So we put a supply chain attack in your supply chain attack, so you could get hacked while you were getting hacked.
The Great iPwn: Journalists Hacked with Suspected NSO Group iMessage ‘Zero-Click’ ExploitThe Citizen Lab – Dec 20 2020 19:57Summary & Key Findings In July and August 2020, government operatives used NSO Group’s…
Dozens Of Al Jazeera Journalists Allegedly Hacked Using Israeli Firms SpywareSecurityPhresh – Dec 20 2020 19:54Citizen Lab researchers say cyber-attack using NSO Group software likely ordered by Saudia Arabia and UAEiPhones vulnerable to hacking tool for months, researchers saySpyware sold by an Israeli private intelligence firm was allegedly used to hack…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.

Silobreaker Daily Cyber Alert

Sign up for the latest news on data breaches, hacker groups, malware and vulnerabilities.

Silobreaker
This website uses cookies.
See our privacy policy at www.silobreaker.com/legal