Cyware Daily Threat Intelligence, May 24, 2021


Threats posed by ransomware are not only dangerous but also oddly baffling. The lesser-known Zeppelin ransomware has come back to life after lying dormant for a short period. A new version of the ransomware has been making the rounds on a hacker forum, offering cybercriminals in the ransomware business a new way to encrypt more data.

Updates on the two-year-old CryptoCore heist have come to light in the last 24 hours. Researchers attributed the attacks to the North Korean Lazarus threat actor group. The campaign started in 2018 and relied on spear-phishing attacks to gain an initial foothold. 

Top Breaches Reported in the Last 24 Hours

Updates on CryptoCore heist
New research reveals that the North Korean Lazarus threat actor group is behind CryptoCore’s multimillion-dollar cryptocurrency heists. The campaign started in 2018 and relied on spear-phishing attacks to gain an initial foothold.

Bergen Logistics exposes data
A database belonging to Bergen Logistics remains publicly accessible without any authentication. It includes 467,979 records, all related to shipments and customers. The records contain names, addresses, order numbers, and email addresses of customers.

The leak of personal data
Indonesia’s government has admitted to the leak of personal data linked to millions of citizens on the RaidForums dark web market. The data was stolen from a national health insurance scheme, Badan Penyelenggara Jaminan Sosial (BPJS).

Top Malware Reported in the Last 24 Hours

Zeppelin ransomware enhanced
Zeppelin ransomware has returned with a new version after a long period. Researchers claim that the new variant was available on a hacker forum at the end of last month. It includes new features to increase the stability of the encryption.

Top Vulnerabilities Reported in the Last 24 Hours

Details about flaws disclosed
Technical details of 13 vulnerabilities found in the Nagios network monitoring application have been disclosed by researchers. The flaws can be exploited by threat actors to hijack the targeted infrastructure. The most severe of these is tracked as CVE-2020-28648 and is related to an improper input validation issue.

Posted on: May 24, 2021

