28 January 2021

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
EMOTET Trojan 252 268
Mailto Ransomware 39 40
Trickbot Malware 22 29
TeamTNT 10 13
Stuxnet 8 11
DanaBot 6 15
Ryuk Ransomware 10 12
QakBot 6 9
Lazarus Group 6 21
Cinobi Trojan 4 4

Data Breaches

APIs Exposed by Manual Penetration Testing
Security Bloggers Network – Jan 28 2021 07:00

66,000 Gamers Exposed due to Cloud Misconfiguration
E Hacking News – Jan 27 2021 09:01
VIPGames[.]com, a free platform with a sum of 56 accessible classic board and games like Hearts, Crazy Eights, Euchre, Dominoes, Backgammon, and others, has uncovered the personal data of tens of thousands of users. A research group at WizCase found…

23 Million Gamer Records Exposed In VIPGames Leak
News ≈ Packet Storm – Jan 27 2021 14:02

Hacker Groups

Watch Out for the Silent Librarian: An Interview with Crane Hassold
The Scholarly Kitchen – Jan 27 2021 10:46
Crane Hassold is the Senior Director of Threat Research at Agari, where he leads an intelligence team responsible for researching enterprise-focused phishing threats. Previously, he served as an Analyst at the FBI for more than 11 years, providing…

Chat Digest – Ghost Squad Hackers 2021/01/28 06:56 – 06:56 UTC
“Ghost Squad Hackers” – Telegram – Jan 28 2021 06:56
[06:56] : Just landed bruh
[06:56] : Msg me @MRNikulin

TeamTNT delivers malware with new detection evasion tool
AlienVault Labs Blog – Jan 27 2021 11:00
Executive Summary AT&T Alien Labs™ has identified a new tool from the TeamTNT adversary group, which has been previously observed targeting exposed Docker infrastructure for cryptocurrency mining purposes and credential theft. The group is using a…

New research from the ThreatConnect research team suggests #CrimsonIAS may be an additional tool in Mustang Panda’s (aka BRONZE PRESIDENT, RedDelta) repertoire. hxxps://hubs[.]ly/H0FySd_0 hxxps://twitter[.]com/ThreatConnect/status/1354552715901349900/photo/1
ThreatConnect – Twitter – Jan 27 2021 22:11

Malware

World’s most dangerous malware EMOTET disrupted through global action
Reddit – Netsec – Jan 27 2021 12:20
submitted by /u/matzab

Netwalker ransomware site seized and dudes’ getting charged 💃🏾 one of the COVID theme ransomware groups.
GossiTheDog – Twitter – Jan 27 2021 21:28

RT @Shadowserver: Reminder – Emotet dropped malware such as Trickbot and led to ransomware such as Ryuk. Infected systems need to be remediated quickly, since they may still have other active, ongoing infections inside their networks too.
Securityblog – Twitter – Jan 27 2021 17:56

NetWalker Ransomwares Sites Seized By Law Enforcement
SecurityPhresh – Jan 27 2021 21:14
Law enforcement authorities in the U.S. and Europe have seized the dark web sites associated with the NetWalker ransomware operations and also charged a Canadian national in relation to the malware.

Vulnerabilities

CVE-2021-25226 A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-service on the affected product. The specific flaw exists within a scan engine co… hxxps://cve[.]mitre[.]org/cgi-bin/cvename.cgi?name=CVE-2021-25226
CVEnew – Twitter – Jan 27 2021 20:45

CVE-2021-25225 A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-service on the affected product. The specific flaw exists within a scheduled scan… hxxps://cve[.]mitre[.]org/cgi-bin/cvename.cgi?name=CVE-2021-25225
CVEnew – Twitter – Jan 27 2021 20:45

CVE-2021-25224 A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-service on the affected product. The specific flaw exists within a manual scan co… hxxps://cve[.]mitre[.]org/cgi-bin/cvename.cgi?name=CVE-2021-25224
CVEnew – Twitter – Jan 27 2021 20:45

Sudo vulnerability allows attackers to gain root privileges on Linux systems (CVE-2021-3156)
Help Net Security – News – Jan 27 2021 09:53
A vulnerability (CVE-2021-3156) in sudo, a powerful and near-ubiquitous open-source utility used on major Linux and Unix-like operating systems, could allow any unprivileged local user to gain root privileges on a vulnerable host (without…

Ongoing Campaigns

Avaddon Ransomware Using Ransom DDoS Attacks
Cyware – Jan 27 2021 19:24
Avaddon ransomware operators are now using DDoS attacks as a negotiation tactic to force victims into paying. This type of attack tactic called Ransom DDoS (or RDDoS) is already in use by some ransomware operators, including SunCrypt and…

NetWalker Ransomware’s Sites Seized by Law Enforcement
Security Week – Jan 27 2021 22:06
Law enforcement authorities in the U.S. and Europe have seized the dark web sites associated with the NetWalker ransomware operations and also charged a Canadian national in relation to the malware. First spotted in 2019 and also known as Mailto,…

Emotet malware disrupted
AskWoody – RSS – Jan 27 2021 16:31
hxxps://www[.]europol[.]europa[.]eu/newsroom/news/world%E2%80%99s-most-dangerous-malware-emotet-disrupted-through-global-action hxxps://krebsonsecurity[.]com/2021/01/international-action-targets-emotet-crimeware/ Woo hoo!! What does that mean to you…

DDoS Attacks Surge in 2020 Due to #COVID19
Infosecurity – Latest News – Jan 27 2021 09:10
Distributed denial-of-service (DDoS) attacks rose substantially last year following the digital shift brought about by COVID-19, according to figures released by …

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
