Threat Intelligence Alerts — Daily (April 08 2021)

Threat Intelligence
Apr 8, 2021


LATEST THREAT ALERTS

Ares Malware: The Grandson of the Kronos Banking Trojan
Check out the link for this article here: https://www.zscaler.com/blogs/security-research/ares-malware-grandson-kronos-banking-trojan

New Wormable Android Malware Spreads by Creating Auto-Replies to Messages in WhatsApp
Check out the link for this article here: https://research.checkpoint.com/2021/new-wormable-android-malware-spreads-by-creating-auto-replies-to-messages-in-whatsapp/

533 million Facebook users’ data leaked
Facebook — The Facts on News Reports About Facebook Data

Check out the link for this article here: https://about.fb.com/news/2021/04/facts-on-news-reports-about-facebook-data/

Rocke Group Actively Targeting the Cloud: Wants Your SSH Keys
Check out the link for this article here: https://www.intezer.com/blog/cloud-security/rocke-group-actively-targeting-the-cloud-wants-your-ssh-keys/

Aurora campaign: Attacking Azerbaijan using multiple RATs
Check out the link for this article here: https://blog.malwarebytes.com/threat-analysis/2021/04/aurora-campaign-attacking-azerbaijan-using-multiple-rats/

Pre-installed auto installer threat found on Android mobile devices in Germany
Check out the link for this article here: https://blog.malwarebytes.com/android/2021/04/pre-installed-auto-installer-threat-found-on-android-mobile-devices-in-germany/
Related Articles:
German Gigaset Android Update Server probably delivers malware
Check out the link for this article here: https://borncity.com/win/2021/04/03/gigaset-gehackt-android-update-server-liefern-wohl-malware-aus/

Vulnerability in Fortigate VPN servers is exploited in Cring ransomware attacks
Check out the link for this article here: https://ics-cert.kaspersky.com/reports/2021/04/07/vulnerability-in-fortigate-vpn-servers-is-exploited-in-cring-ransomware-attacks/

Send to saved messages: cybercriminals use Telegram bots and Google Forms to automate phishing
Check out the link for this article here: https://www.group-ib.com/media/phishing-automation/

LABELS:
Aurora Campaign, Python RAT, Cyber Espionage, SOCAR, Republic Oil, Gas Company, Ministry of Ecology and Natural Resources, Cyber attacks, steganography, New Python Remote Administration Trojan
Ares Banking Trojan, A new Kronos variant, Spam campaigns, Information stealer, Kronos, Osiris, Banking Trojan, DarkCrypter, BMPack
Rocke Group, Cryptojacking, Monero cryptominer, Jenkins, Redis, ActiveMQ, CVE-2016-3088, CVE-2019-1003000, CVE-2018-1000861, XMRig, Linux/Miner, LINUX/CoinMiner
New Wormable Android Malware, Fake App
Supply-chain attack, adware or downloaders, cyberattack
New Cring ransomware, Fortinet VPN devices, new human-operated ransomware strain Cring, advanced persistent threat (APT) actors, Cring ransomware, Crypt3r, Vjiszy1lo, Ghost, Phantom, Mimikatz, CobaltStrike

Please click on the redirect links to read more on the trusted source websites. If you have missed any Threat Alerts, check out the previous blogs: https://cyber-threat-intelligence007.medium.com/.
