31 January 2021

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.

Heat – Trending Malware and Threat Actors
Name Heat 1 Heat 7 Vol 1 Vol 7
FonixCrypter 14 20
Fonix Ransomware 8 15
Trickbot Malware 10 56
Poison Ivy Trojan 2 2
XINOF Ransomware 2 2
Minebridge Malware 2 2
NotPetya Ransomware 2 4
WannaCry Ransomware 2 7
Shiny Hunters 2 14
Wacapew 1 1
Data Breaches
RT @haveibeenpwned: New sensitive breach: MeetMindful had 1.4M addresses breached a year ago. Extensive personal information was exposed including physical attributes, sexualities, substance use and bcrypt password hashes. 86% were already in @haveibeenpwned. Read more: hxxps://www[.]zdnet[.]com/article/hacker-leaks-data-of-2-28-million-dating-site-users/
troyhunt – Twitter – Jan 31 2021 03:06

See if your credentials have been compromised with this new data leak tool hxxps://flip[.]it/1qYiPF
Securityblog – Twitter – Jan 30 2021 23:49

A phishing campaign’s collateral damage: Stolen passwords were publicly searchable hxxps://www[.]cyberscoop[.]com/phishing-passwords-exposed-check-point/
CyberScoopNews – Twitter – Jan 31 2021 01:46

5 data categories to learn for faster cybersecurity responses By knowing the different types of data, it can help your company protect itself from breaches and better recover from a cyberattack. hxxps://binged[.]it/3tjZShQ hxxps://twitter[.]com/InfoSecHotSpot/status/1355425030923030529/photo/1
InfoSecHotSpot – Twitter – Jan 30 2021 07:58
Hacker Groups
The Anonymous Indonesia News Daily is out! hxxps://paper[.]li/anon_indonesia/1435572762?edition_id=79d6bd70-6372-11eb-b2a3-002590a5ba2d
anon_indonesia – Twitter – Jan 31 2021 03:14

RT @blueteamsec1: Higaisa or Winnti? APT41 backdoors, old and new hxxp://dlvr[.]it/RrggL4 #cyber #threathunting #infosec hxxps://twitter[.]com/blueteamsec1/status/1355571864878280705/photo/1
Securityblog – Twitter – Jan 30 2021 18:25

Rocke Group’s Pro Ocean Crypto-jacking Malware now Comes with Worm Feature hxxps://www[.]ehackingnews[.]com/2021/01/rocke-groups-pro-ocean-crypto-jacking.html?utm_source=dlvr.it&utm_medium=twitter hxxps://twitter[.]com/EHackerNews/status/1355498384023408643/photo/1
EHackerNews – Twitter – Jan 30 2021 12:49

Lebanese Cedar APT hacker group—linked to Hezbollah Cyber Unit—broke into telecom, hosting providers, communication, IT, and applications companies worldwide. Read more: hxxps://thehackernews[.]com/2021/01/hezbollah-hacker-group-targeted.html
stmanfr – Twitter – Jan 30 2021 21:37

Malware
Fonix ransomware shuts down and releases master decryption key
MalwareTips.com – Jan 30 2021 09:46
The Fonix Ransomware operators have shut down their operation and released the master decryption allowing victims to recover their files for free. Fonix Ransomware, also known as Xinof and…

Windows finger command abused to download MineBridge backdoor
HackRead – Jan 30 2021 18:19
By Habiba Rashid. A new phishing campaign has been identified which uses the Windows Finger command to download a malware variant called MineBridge.

Is TrickBot Indestructible?
Cyware – Jan 30 2021 19:24
Since the past takedown attempt in November 2020, TrickBot malware has not only re-emerged, its operators have been launching newer versions from time to time. They have recently released a more persistent version of the malware. New vs old The last…

RT @campuscodi: NEW: The FonixCrypter ransomware gang has shut down their operation today and released a free decryptor and their master decryption key hxxps://www[.]zdnet[.]com/article/fonixcrypter-ransomware-gang-releases-master-decryption-key/ hxxps://twitter[.]com/campuscodi/status/1355322952502415361/photo/1
jabolins – Twitter – Jan 30 2021 13:50

Vulnerabilities
4 fatal flaws in deterministic password managers hxxps://tonyarcieri[.]com/4-fatal-flaws-in-deterministic-password-managers
Securityblog – Twitter – Jan 30 2021 21:41

sudo: Ineffective NO_ROOT_MAILER and Baron Samedit
Open Source Security – Jan 30 2021 08:28
Posted by Roman Fiedler on Jan 30. Hello list, While reproducing the exploitation of "Baron Samedit" another minor issue in Sudo was discovered. It affects Sudo 1.9.4 and newer and renders the "NO_ROOT_MAILER" hardening option us…

Cyber Command, NSA warn to patch decade-old vulnerability in sudo hxxps://www[.]cyberscoop[.]com/sudo-flaw-cyber-command-nsa-buffer-overflow/
CyberScoopNews – Twitter – Jan 30 2021 20:43
Ongoing Campaigns
Trickbot- A Banking Trojan Returns With Latest Phishing Campaigns and Attacks
E Hacking News – Jan 30 2021 14:13
Trickbot, a banking malware has resurged again with new phishing campaigns and attacks after the collaboration of cybersecurity and technology companies disrupted the Trickbot malware in October last year. Trickbot malware evolved into a highly…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
