24 March 2021

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
Purple Fox Malware 7 7
Black Kingdom Ransomware 6 8
BlackKingdom Ransomware 6 21
SilverFish APT 5 26
Pirate Panda 3 3
Convuster 3 7
IcedID Trojan 4 8
Dridex Malware 4 16
Conficker 2 2
MyDoom 2 2

Data Breaches

Purple Fox malware worms its way into exposed Windows systems
BleepingComputer.com – Mar 23 2021 20:54
Purple Fox, a malware previously distributed via exploit kits and phishing emails, has now added a worm module that allows it to scan for and infect Windows systems reachable over the Internet in ongoing attacks. […]

UK Tax Service Exposed Thousands Through Careless Bulk SMS Operation
TechNadu – Mar 23 2021 13:03
Mass texting from UK councils to taxpayers who owe them money has exposed their sensitive details. A contractor who was responsible for the communications sent out shortlinks that opened an unlocked database. The error has been fixed now, but the…

Purple Fox malware worms its way into exposed Windows systems – @serghei
hxxps://www[.]bleepingcomputer[.]com/news/security/purple-fox-malware-worms-its-way-into-exposed-windows-systems/
BleepinComputer – Twitter – Mar 23 2021 20:54

Thousands of taxpayers’ personal details potentially exposed online through councils’ debt-chasing texts
The Register – Mar 23 2021 11:23
Got a link? Change the last character and bingo, it's blackmail time. Exclusive: Bulk SMS messages sent by local councils across the UK contained weblinks leading to pages that freely exposed to the public thousands of taxpayers' names, addresses, and…

Hacker Groups

A New APT Named SilverFish Was Uncovered by Researchers
TechNadu – Mar 23 2021 09:18
Yet another APT group linked to the SolarWinds attacks has been uncovered by Swiss researchers. The threat actors appear to serve Russian interests, but the attribution isn’t incontestable. The targeting of the group called SilverFish is high-level,…

RT @campuscodi: IBM is reporting that the ITG14 threat actor (aka Carbon Spider) is also dabbling with REvil and Ryuk campaigns… besides operating its own RaaS (Darkside) hxxps://twitter[.]com/campuscodi/status/1374385209605419012/photo/1
Securityblog – Twitter – Mar 23 2021 16:08

Malicious Life Podcast: Inside the HAFNIUM Microsoft Exchange Attacks
Security Bloggers Network – Mar 23 2021 18:00

SilverFish Hacking Group Abused Enterprise Victims for Sandbox Tests hxxps://heimdalsecurity[.]com/blog/silverfish-sandbox-tests/
Secnewsbytes – Twitter – Mar 23 2021 09:18

Malware

REvil continues ransomware attack streak with takeover of laptop maker Acer. REvil previously infected the networks of Honda, the makers of Jack Daniels and a high-profile law firm representing Donald Trump. hxxps://tek[.]io/3f5OGAE hxxps://twitter[.]com/InfoSecHotSpot/status/1374529198698725378/photo/1
InfoSecHotSpot – Twitter – Mar 24 2021 01:11

Sodinokibi/REvil Ransomware Gang Hit Acer with $50M Ransom Demand
Security Bloggers Network – Mar 23 2021 16:54

New macOS malware XcodeSpy found sneaking into spy on victims #Cybersecurity #security hxxps://www[.]hackread[.]com/macos-malware-xcodespy-spy-on-victims/
cybersecboardrm – Twitter – Mar 23 2021 09:11

More Business Social Accounts Hijacked by CopperStealer
Heimdal Security Blog – Mar 23 2021 15:42
After it was reported that a new malware was stealing Facebook accounts, a report published by Proofpoint researchers revealed that more tech giants including Apple, Amazon, Google were used for cybercriminal activities since July 2019. Our…

Vulnerabilities

CVE-2021-20227 A flaw was found in SQLite’s SELECT query functionality (src/select.c). This flaw allows an attacker who is capable of running SQL queries locally on the SQLite database to cause a denial of service or possible code execution by triggerin… hxxps://cve[.]mitre[.]org/cgi-bin/cvename.cgi?name=CVE-2021-20227
CVEnew – Twitter – Mar 23 2021 17:45

Google fixes an Android vulnerability actively exploited in the wild hxxps://securityaffairs[.]co/wordpress/115888/mobile-2/google-android-flaw-exploited.html?utm_source=feedly&utm_medium=rss&utm_campaign=google-android-flaw-exploited
Dinosn – Twitter – Mar 24 2021 05:59

CVE-2021-3409 The patch for CVE-2020-17380/CVE-2020-25085 was found to be ineffective, thus making QEMU vulnerable to the out-of-bounds read/write access issues previously found in the SDHCI controller emulation code. This flaw allows a malicious privil… hxxps://cve[.]mitre[.]org/cgi-bin/cvename.cgi?name=CVE-2021-3409
CVEnew – Twitter – Mar 23 2021 21:45

CVE-2021-20222 A flaw was found in keycloak. The new account console in keycloak can allow malicious code to be executed using the referrer URL. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availa… hxxps://cve[.]mitre[.]org/cgi-bin/cvename.cgi?name=CVE-2021-20222
CVEnew – Twitter – Mar 23 2021 17:45

Ongoing Campaigns

Ransomware operators are piling on already hacked Exchange servers
ArsTechnica – Mar 23 2021 22:05
Microsoft Exchange servers compromised in a first round of attacks are getting infected for a second time by a ransomware gang that is trying to profit from a rash of exploits that caught organizations around the world…

ZHtrap Botnet: Hackers Pitting Against Each Other
Cyware – Mar 23 2021 20:28
“The enemy of my enemy is my friend.” Apparently, this proverb doesn’t sit well in the cybercriminal world as dissension has been sowed between hackers. The scoop: A new IoT botnet has been discovered that deploys honeypots to capture attacks from…

Analyzing Malware and Other Attacks
InfoSec Bug Bounty Write-ups – RSS – Mar 23 2021 17:03
Different Types of Malware and Other Attacks. Hello friends, I’m Dinidhu Jayasinghe, and this is my fourth article. In this article, I am going to talk about 👉 Malware (Virus, Trojans, Worms, Adware, Macro Virus, etc) 👉 Password Attacks 👉 Physical…

Anomali Cyber Watch: APT, Malware, Vulnerabilities and More.
ThreatStream Blog – Mar 23 2021 14:00
The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: BlackRock, CopperStealer, Go, Lazarus, Mirai, Mustang Panda, Rust, Tax Season, and Vulnerabilities. The IOCs related…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
