24 May 2021

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
RedXOR Backdoor 2 2
APT27 2 3
STRRAT 2 24
Urausy Ransomware 1 1
Nemty Ransomware 1 1
KekSec 1 5
Hermes Ransomware 1 5
Wizard Spider 1 10
APT36 1 4
Qlocker Ransomware 1 25
Data Breaches
Data of 100M Android users exposed from exposed cloud storage syncing
SiliconANGLE – May 24 2021 03:59
The data of more than 100 million Android app users has been found exposed because of misconfigurations relating to third-party services. Detailed May 20 by researchers at Check Point Software Technologies Ltd., the exposure relates to 23 popular apps…

Data of over 100M Android users exposed due to exposed cloud storage syncing
SiliconANGLE – May 24 2021 03:36
The data of over 100 million Android app users has been found exposed due to misconfigurations relating to third-party services. Detailed by researchers at Check Point Software Technologies Ltd., the exposure relates to 23 popular apps that put…

Misconfiguration of back-end cloud services by more than 20 mobile app developers may have exposed the personal data of over 100 million #Android users >> hxxps://bit[.]ly/3yy0q6q #Cloud #DataProtection
InfosecurityMag – Twitter – May 23 2021 12:16
Hacker Groups
Hear ye, DarkSide! This honorable ransomware court is now in session
HITBSecNews – May 23 2021 23:38
l33tdawg Sun, 05/23/2021 – 23:38

Hear ye, DarkSide! This honorable ransomware court is now in session hxxp://twib[.]in/l/kXL9nGeX7zXz
InfoSecHotSpot – Twitter – May 24 2021 03:35

Colonial Pipeline Updates, DarkSide Goes Dark, Cybersecurity Best Practices
Security Boulevard – RSS – May 24 2021 04:00
More news and updates about the Colonial Pipeline ransomware attack, the DarkSide ransomware as a service (RaaS) goes dark on the dark web, and why we still need cybersecurity best practices (regardless of an opinion piece that says otherwise)…

The Anonymous Indonesia News Daily is out! hxxps://paper[.]li/anon_indonesia/1435572762?edition_id=74c342c0-bc3e-11eb-bc96-fa163e6ccaff Stories via @AnonymousSwizz #jakpost
anon_indonesia – Twitter – May 24 2021 03:16
Malware
RT @Dinosn: Deep Dive Malware Analysis Series Of Hermes Ransomware – Pt 2 hxxps://www[.]reddit[.]com/r/ReverseEngineering/comments/nih2sk/deep_dive_malware_analysis_series_of_hermes/
Securityblog – Twitter – May 23 2021 09:39

Ransomware Attacks Are Becoming More Common. But Are They Always Real?
Medium Cybersecurity – RSS – May 24 2021 01:32

FBI Says Conti Ransomware Gang Has Hit 16 US Health And Emergency Networks
SecurityPhresh – May 24 2021 00:43
In the past year.

@Banbreach @PogoWasRight @sethr Urausy is a generic AV detection for any screenlocker based ransomware.
MalwareTechBlog – Twitter – May 23 2021 17:30
Vulnerabilities
CVE-2021-31166 Windows HTTP flaw also impacts WinRM servers
Security Affairs – May 23 2021 13:25
The wormable CVE-2021-31166 vulnerability in the HTTP Protocol Stack of the Windows IIS server also affects WinRM on Windows 10 and Server systems. Microsoft Patch Tuesday for May 2021 security updates addressed 55 vulnerabilities in Microsoft…

CVE-2021-31166 #Windows HTTP flaw also impacts #WinRM servers
hxxps://securityaffairs[.]co/wordpress/118189/security/cve-2021-31166-windows-http-flaw.html
#securityaffairs #hacking
securityaffairs – Twitter – May 23 2021 13:26

CVE-2021-31166 #Windows HTTP flaw also impacts #WinRM servers,,,
hxxps://securityaffairs[.]co/wordpress/118189/security/cve-2021-31166-windows-http-flaw.html
#securityaffairs #hacking
securityaffairs – Twitter – May 23 2021 18:55

RT @Popehat: @sarahemclaugh Political activists directed attention to a potential safety flaw in the Empire’s new space facility, twice.
thegrugq – Twitter – May 24 2021 04:34
Ongoing Campaigns
Parliament Targeted By Brute-force Attack
SecurityPhresh – May 24 2021 03:04
Fast-tracks replacement of mobile device management system.

Not Applicable: Homograph Attack via Whatsapp Status
InfoSec Bug Bounty Write-ups – RSS – May 23 2021 09:04
The IDN (Internationalized Domain Name): https://fаcebook[.]com/ is a homograph for the Latin hxxps://xn--fcebook-2fg[.]com/. While putting a status on WhatsApp when putting URL it displays https://fаcebook[.]com/ which is…

@NGiollaEaspaig @joetidy I think there is a lot of speculation and opinions being shared in the media and by politicians which may not be based in the facts on the ground. I know some coverage that I’ve read doesn’t make sense, e.g. claims this was a zero day attack or a nation state attack
BrianHonan – Twitter – May 23 2021 10:44

UK: Customers hit as ransomware incident blacks out Doncaster insurance firm
DataBreaches.net – May 23 2021 12:56
We were so busy watching the Colonial Pipeline situation here that we appear to have missed a ransomware incident in the U.K. of note. It started typically enough, with the Doncaster Free Press reporting on May 14 that One Call Insurance had been hit…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.

Silobreaker Daily Cyber Alert
