23 March 2021

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.

Heat – Trending Malware and Threat Actors

Name | Heat 1 | Heat 7 | Vol 1 | Vol 7
BlackKingdom Ransomware | | | 12 | 15
CopperStealer | | | 10 | 31
SilverFish APT | | | 7 | 21
Sodinokibi Ransomware | | | 16 | 77
TA2101 | | | 4 | 4
Maze Ransomware | | | 4 | 8
HelloKitty Ransomware | | | 3 | 7
PYSA Ransomware | | | 5 | 50
Echelon Stealer | | | 2 | 2
Scranos Rootkit | | | 2 | 3

Data Breaches

Hobby Lobby Exposed 138GB of Data hxxps://flip[.]it/QLRjfk
Securityblog – Twitter – Mar 22 2021 21:13

PoC Exploit Posted Online Leaves Critical F5 BIG-IP Bug Exposed
Heimdal Security Blog – Mar 22 2021 15:08
F5 Networks recently released patches for critical vulnerabilities in its BIG-IP and BIG-IQ products, but their adversaries have begun to mass scan and target exposed and unpatched networking devices. This in the wild exploitation happened after a…

OSINT Tool Tuesday – LinkedIn, AR Search, Email and Breach Data
Tech-Wreck InfoSec Blog – Mar 22 2021 13:54
hxxps://jakecreps[.]com/osint-tool-tuesday-linkedin-ar-search-email-breach-leak-data/

Hobby Lobby, the American arts and crafts giant that also happened to purchase thousands of ancient artifacts looted from modern-day Iraq, exposed a large amount of data online, including customer names, addresses, etc. hxxps://www[.]vice[.]com/en/article/v7m9ey/hobby-lobby-data-breach
josephfcox – Twitter – Mar 22 2021 15:37

Hacker Groups

Report goes “behind enemy lines” to reveal SilverFish cyber-espionage group
Malwarebytes Unpacked – Mar 22 2021 11:42
The PRODAFT Threat Intelligence Team has published a report (pdf) that gives an unusually…

Cybersecurity researcher reveals Lazarus hacking technique
Neowin.net – Mar 22 2021 17:50
The Lazarus hacker group has launched numerous disruptive campaigns against notable companies over the past few years. Reportedly backed by the North Korean regime, it is presently categorized as an advanced persistent threat by a collective of…

Hafnium paranoia and passwords
Reddit – Sysadmin – Mar 22 2021 12:20
This whole hafnium situation struck just as we were moving to Exchange online, missed this transition by a few weeks — lucky us. Anyway, the exploit was active since January, Microsoft patched in March. That leaves almost two…

SilverFish Hacking Group Abused Enterprise Victims for Sandbox Tests
Heimdal Security Blog – Mar 22 2021 14:18
Cyberattackers involved in worldwide hacking campaigns are using the compromised systems of high-profile victims as playgrounds to test out malicious tool detection rates. SilverFish is an extremely skilled threat group that has been responsible…

Malware

CopperStealer malware stealing Facebook, Apple, Google passwords
HackRead – Mar 22 2021 15:52
The credential-stealing malware was found in keygen and Cracks related websites to circumvent licensing restrictions to legit software. The IT security researchers at Proofpoint researchers have discovered a new malware strain that has widespread…

New Copperstealer Malware Steals Google, Apple, Facebook Accounts
Information Security Buzz – Mar 22 2021 12:16
News broke today that previously undocumented account-stealing malware distributed via fake software crack sites targets the users of major service providers, including Google, Facebook, Amazon, and Apple. The malware, dubbed…

Proofpoint researchers have published a report on the CopperStealer malware hxxps://www[.]proofpoint[.]com/us/blog/threat-insight/now-you-see-it-now-you-dont-copperstealer-performs-widespread-theft hxxps://twitter[.]com/virusbtn/status/1373972986961756162/photo/1
virusbtn – Twitter – Mar 22 2021 12:21

PYSA Ransomware Eyeing Educational Institutions
Cyware – Mar 22 2021 20:28
The PYSA ransomware gang is active again and targeting multiple sectors. Since March 2020, PYSA ransomware attacks have been launched against the U.S. and foreign government entities, private companies, educational institutions, and healthcare…

Vulnerabilities

Adobe Patches Critical ColdFusion Security Flaw – hxxps://www[.]securityweek[.]com/adobe-patches-critical-coldfusion-security-flaw (CVE-2021-20187)
SecurityWeek – Twitter – Mar 22 2021 20:46

RT @SecurityWeek: Adobe Patches Critical ColdFusion Security Flaw – hxxps://www[.]securityweek[.]com/adobe-patches-critical-coldfusion-security-flaw (CVE-2021-20187)
CERT_at – Twitter – Mar 22 2021 20:47

CVE-2021-26578 A potential security vulnerability has been identified in HPE Network Orchestrator (NetO) version(s): Prior to 2.5. The vulnerability could be remotely exploited with SQL injection. hxxps://cve[.]mitre[.]org/cgi-bin/cvename.cgi?name=CVE-2021-26578
CVEnew – Twitter – Mar 22 2021 17:45

Adobe Patches Critical ColdFusion Security Flaw
SecurityWeek RSS Feed – Mar 22 2021 15:06
Adobe has released an urgent patch for a potentially dangerous security vulnerability in Adobe ColdFusion, the platform used for building and deploying mobile and web apps. …

Ongoing Campaigns

Why Banks Are Still A Top Target For DDoS Attacks
Imperva Data Security Blog – Mar 22 2021 21:20
The financial services sector is still a prime target for cyber criminals and it has been widely reported that in 2020 financial institutions came under attack…

Defending Your Business From The Changing DDoS Attack Landscape
Information Security Buzz – Mar 22 2021 12:32
Cyber-crimes are changing and businesses need to understand how to protect themselves from falling victim to online attacks. Cyber-criminals are operating on an increasingly sophisticated level. One trend that particularly stands out is the rise in…

Ransomware gang says it targets firms who have cyber insurance
Graham Cluley – Mar 22 2021 10:59
The Record published an interesting interview last week with “Unknown”, a representative of the notorious REvil ransomware gang. What I found particularly fascinating was a claim made by “Unknown” that the REvil gang specifically targets firms who…

#COVID19, Password Spraying and the NHS
Infosecurity – Blog – Mar 22 2021 14:30
The National Cyber Security Centre (NCSC) last year released specific advice on how healthcare…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.

Silobreaker Daily Cyber Alert
