26 May 2021

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
Stuxnet 23 24
XCSSET 17 28
NotPetya Ransomware 4 11
Nemty Ransomware 2 3
Phorpiex Malware 2 7
Zeppelin Ransomware 2 7
Sunburst Backdoor 2 7
Dridex Malware 2 5
DoppelDridex 1 1
NEPHILIM Ransomware 1 1
Data Breaches
Bose admits ransomware attack exposed employee dataIT Pro UK – May 25 2021 11:42Bose has confirmed that it had experienced a data breach , having fallen victim to a  ransomware attack in early March. The audio equipment manufacturer admitted to the incident in a letter sent to the office of the Attorney General at the New…
Zocdoc says ‘programming errors’ exposed access to patients’ dataDataBreaches.net – May 25 2021 11:18Zack Whittaker reports: Zocdoc says it has fixed a bug that allowed current and former staff at doctor’s offices and dental practices to access patient data because their user accounts weren’t properly decommissioned. The New York-based company…
Disaster Recovery Options for Azure SQL Databases | Data Exposed: MVP EditionTechNet Blogs – May 25 2021 16:00Planning a proper disaster recovery solution is a critical piece of any infrastructure design, even when working in the cloud solutions like Azure SQL Database. Thankfully, the Azure architecture provides a solution that with only clicks of the…
BREACH vulnerabilityTechNet Blogs – May 25 2021 20:27When you run a penetration test on your web application, the report may point out BREACH as a high-risk vulnerability. BREACH attack works by trying to guess the secret keys in a compressed and encrypted response. Attacker makes many requests and…
Hacker Groups
Living an Anonymous LifeTVO.org – May 25 2021 23:35Commander X is a human rights and information activist who was involved with the infamous hacking movement known as Anonymous. He's featured in the TVO Original documentary "The Face of Anonymous," chronicling his hacktivist career and life on the…
North Korean Hackers Most Likely to Have Been Behind the CryptoCore HeistsHeimdal Security Blog – May 25 2021 15:17CryptoCore is a hacking group that has pulled off cryptocurrency heists that may worth more than $200 million. Security researchers are putting together pieces of information from multiple attacks on cryptocurrency exchanges, as the attacks…
RT @TrendMicroRSRCH: Japanese online shops face a new threat: malicious orders. Learn what Water Pamola is all about:Securityblog – Twitter – May 25 2021 21:24RT @TrendMicroRSRCH: Japanese online shops face a new threat: malicious orders. Learn what Water Pamola is all about:
Malware
RT @3xp0rtblog: New day, new claim to ransomware group. This time to REvil Ransomware because of disconnect affiliate from the affiliate program. The disconnected criminals said that earlier their team helped to improve the software part of the ransomware and advised be careful with REvil. hxxps://twitter[.]com/3xp0rtblog/status/1397047781576032259/photo/1Securityblog – Twitter – May 25 2021 20:15RT @3xp0rtblog: New day, new claim to ransomware group. This time to REvil Ransomware because of disconnect affiliate from the affiliate program. The disconnected criminals said that earlier their team helped to improve the software part of the…
FBI Identifies 16 Conti Ransomware Attacks on U.S. HealthcareSoftpedia – May 25 2021 14:49The FBI has related the Conti ransomware community to at least 16 cyberattacks in the United States aimed at disrupting healthcare and first responder networks. 911 dispatchers, law enforcement officers, and emergency care services have all been…
STRRAT – The RAT that Wants to be a RansomwareCyware – May 25 2021 20:28An ongoing malware campaign has been discovered that is spreading a Java-based RAT identified as STRRAT. It was developed to steal information from victims while portraying itself as ransomware. STRRAT was first observed in June last year by G DATA. W…
Apple Fixes MacOS Vulnerability Exploited by XCSSET MalwareHeimdal Security Blog – May 25 2021 13:12Apple has recently released security updates for several of its products, including a patch for its macOS desktop operating system. The patch includes a zero-day vulnerability fix that has been abused in the wild by the XCSSET malware gang for…
Vulnerabilities
Apple fixes three macOS flaws under active attackIT Pro UK – May 25 2021 09:45Apple has issued a patch to fix multiple vulnerabilities across its various platforms including iOS, macOS, tvOS, watchOS and Safari, including a macOS Big Sur zero-day vulnerability under active attack. The exploited macOS flaw, tracked as…
Bluetooth flaws allow attackers to impersonate legitimate devicesMalwareTips.com – May 25 2021 10:27Attackers could abuse vulnerabilities discovered in the Bluetooth Core and Mesh Profile specifications to impersonate legitimate devices during the pairing process and launch… Click to expand……
Trend Micro fixes 3 flaws in Home Network Security DevicesSecurity Affairs – May 25 2021 13:49Trend Micro fixed some flaws in Trend Micro Home Network Security devices that could be exploited to elevate privileges or achieve arbitrary authentication. Trend Micro fixed three vulnerabilities in Home Network Security devices that could be…
Ivanti fixes high severity flaw in Pulse Connect Secure VPNSecurity Affairs – May 25 2021 21:00A flaw in Pulse Connect Secure VPN could allow an authenticated remote attacker to execute arbitrary code with elevated privileges. Ivanti addressed a high severity Buffer Overflow vulnerability in Secure VPN appliances that could allow a remote…
Ongoing Campaigns
Supply Chain Attacks: How To Reduce Open-Source VulnerabilitiesSecurity Intelligence – May 25 2021 09:00When you read that software supply chain attacks …
How to avoid web supply chain attacksSecurity Bloggers Network – May 25 2021 07:00In early 2021, attackers infiltrated SolarWinds software used by thousands of major businesses and organizations worldwide. This allowed malicious parties to access data owned by not just SolarWinds but everyone who used the SolarWinds solution….
New Trojan Found to Impersonate RansomwareSoftpedia – May 25 2021 14:49A new STRRAT version has been found by a group of Microsoft cybersecurity specialists.  It is a Java-based malware that is disguised like ransomware to rob personal data stored on infected computers. This is yet another threat to be addressed, as the…
What are Clickjacking Attacks? Tips to Prevent ThemSecurity Bloggers Network – May 25 2021 16:16Clickjacking attacks trick the user into clicking unintentionally on a webpage element that is invisible or disguised as another element. Since clickjacking attacks do not affect the website per se,. The post …

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.

Silobreaker Daily Cyber Alert

Sign up for the latest news on data breaches, hacker groups, malware and vulnerabilities.

Silobreaker
This website uses cookies.
See our privacy policy at www.silobreaker.com/legal