22 April 2021

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
Sodinokibi Ransomware 26 42
Stop Ransomware 5 5
Gaza Cybergang Group2 4 4
Bundlore 4 4
Lazarus Group 9 48
Slowpulse 3 11
UNC2630 3 13
DemonBot Malware 2 2
SpyNote 2 2
MICROPSIA Malware 2 2
Data Breaches
Vulnerability in CocoaPods Dependency Manager Exposed Millions of Apps hxxps://www[.]securityweek[.]com/vulnerability-cocoapod-dependency-manager-exposed-millions-apps
SecurityWeek – Twitter – Apr 22 2021 00:11

Vulnerability in CocoaPod Dependency Manager Exposed Millions of Apps hxxps://www[.]securityweek[.]com/vulnerability-cocoapod-dependency-manager-exposed-millions-apps
SecurityWeek – Twitter – Apr 21 2021 13:46

Vulnerability in CocoaPod Dependency Manager Exposed Millions of Apps | hxxp://SecurityWeek[.]Com hxxps://www[.]securityweek[.]com/vulnerability-cocoapod-dependency-manager-exposed-millions-apps
Securityblog – Twitter – Apr 21 2021 15:23

Vulnerability in CocoaPod Dependency Manager Exposed Millions of Apps
SecurityWeek RSS Feed – Apr 21 2021 13:46
A remote code execution vulnerability identified on the central CocoaPods server could have allowed an attacker to poison any package download, security researcher Max Justicz reveals. …
Hacker Groups
Primitive Bear (Gamaredon) Targets Ukraine with Timely Themes
Tout sur la cybersociété, la cybersécurité, la cybercriminalité, la cyberdéfense, … – Apr 21 2021 19:32

The MABNA Institute, an Iranian-linked threat actor, stayed plenty busy in 2020, targeting academic and research sector institutions. Take a look at their latest activities and the characteristics of their victims: hxxps://bit[.]ly/2QKmx7U
RecordedFuture – Twitter – Apr 21 2021 14:34

Tag Barnakle threat actor compromises over 120 more adservers
Tech Xplore – Apr 21 2021 19:07
Around one year ago, the security research company Confiant revealed a threat actor group called Tag Barnakle that targeted Revive Adserver instances on a mass scale. Now, however, Confiant has discovered that their…

RT @nigroeneveld: Primitive Bear (Gamaredon) Targets Ukraine with Timely Themes hxxps://www[.]anomali[.]com/blog/primitive-bear-gamaredon-targets-ukraine-with-timely-themes Additional IOCs hxxps://otx[.]alienvault[.]com/pulse/607ee151cc7a0fe7b63dc8ae?source=email_notification
InfosecNewsBot – Twitter – Apr 21 2021 20:19
Malware
FormBook: A Well-known Commercial Malware Learns New Tricks
Cyware – Apr 21 2021 14:28
FormBook, the commercially available malware service, is back in action. This infostealer has been available as a service in underground forums since 2016, and the latest variant is equipped with new obfuscation capabilities. What has been discovered?…

Million-dollar deposits and friends in high places: how we applied for a job with a ransomware gang
Security Affairs – Apr 22 2021 05:49
During an undercover interview, a CyberNews researcher tricked ransomware operators affiliated with Ragnar Locker into revealing their ransom payout structure, cash out schemes, and target acquisition strategies. From a relatively…

Apple supplier Quanta hit with $50 million ransomware attack from REvil
HITBSecNews – Apr 21 2021 23:59
l33tdawg Wed, 04/21/2021 – 23:59

Beware of BRATA: How to Avoid Android Malware Attack
McAfee Blogs – Apr 21 2021 14:36
Vulnerabilities
SonicWall Patches 3 Zero-Day Flaws
BankInfoSecurity – Apr 21 2021 14:10
FireEye: Vulnerabilities Could Be Used to Access…

RT @UbrwdDigital: Monero Cryptocurrency campaign exploits ProxyLogon flaws hxxps://securityaffairs[.]co/wordpress/116955/cyber-crime/proxylogon-flaws-cryptocurrencyminer.html via @securityaffairs
securityaffairs – Twitter – Apr 22 2021 06:05

Mozilla Fixes Firefox Flaw That Allowed Spoofing of HTTPS Browser Padlock | Threatpost hxxps://threatpost[.]com/mozilla-fixes-firefox-flaw/165501/
Securityblog – Twitter – Apr 21 2021 07:23

Mozilla Fixes Firefox Flaw That Allowed Spoofing of HTTPS Browser Padlock #Cybersecurity #security hxxps://threatpost[.]com/mozilla-fixes-firefox-flaw/165501/
cybersecboardrm – Twitter – Apr 21 2021 08:18
Ongoing Campaigns
Black Kingdom and Microsoft Exchange Attacks
Cyware – Apr 21 2021 14:28
We are already aware of the raging blizzard that has been caused by the constant attacks on Microsoft Exchange Servers. Now, another threat actor has jumped on to the Exchange express to benefit from it. What’s going on? The Black Kingdom ransomware…

Top 5 most dangerous ransomware in 2021 | Kaspersky official blog
We use words to save the world | Kaspersky Lab Official Blog – Apr 21 2021 13:49
Over the past five years, ransomware has evolved from being a threat to individual computers to posing a serious danger to corporate…

Hackers are actively targeting flaws in these VPN devices. Here’s what you need to do
ZDNet Security – Apr 21 2021 09:41
A new vulnerability is being used to target customer devices, along with a number of older flaws still being exploited.

Lazarus E-Commerce Attackers Adapt Web Skimming for Stealing Cryptocurrency
E Hacking News – Apr 21 2021 17:38
Cybercriminals with apparent ties to North Korea that hit e-commerce shops in 2019 and 2020 to steal payment card data also tested functionality for stealing cryptocurrency, according to the cybersecurity firm Group-IB. Group-IB's latest report builds…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
