Cyware Daily Threat Intelligence

Daily Threat Briefing Apr 5, 2021

A cup of coffee and the latest happenings in the cyberthreat landscape are sure to take away your Monday blues. Facebook is under fire again for failing to protect its users’ data. As a result, a threat actor has leaked the personal details of around 533 million users on a cybercrime forum.

The Conti ransomware gang added a new victim to its list by stealing sensitive data from Broward County Public Schools. The attackers have demanded $40 million in ransom to prevent the leak of data that belongs to both students and employees.

A cyberespionage campaign associated with the lesser-known Cycldek threat actor group has left researchers baffled. The campaign, targeted against Vietnamese organizations, also introduced two new malware families named FoundCore and DropPhone.

Top Breaches Reported in the Last 24 Hours

Facebook data leaked

Data belonging to 533 million Facebook users has been posted on a cybercrime forum. The leaked data includes phone numbers, Facebook IDs, birth dates, gender, and location. The data is being offered in 106 separate download packages, split on a per-country basis.

Applus Technologies attacked

A malware attack on emission testing company Applus Technologies has disrupted operations at the company's branches in Connecticut, Georgia, Idaho, Illinois, Massachusetts, Utah, and Wisconsin. The attack was first detected on March 30.

Broward County schools attacked

The Conti ransomware gang has claimed responsibility for an attack on Broward County Public Schools and demanded a $40 million ransom to prevent the leak of students’ and teachers’ personal information. The stolen data comprises more than 1TB of files that include social security numbers, addresses, birth dates, and contact information.

Top Malware Reported in the Last 24 Hours

Phobos ransomware upgraded

Phobos ransomware has added new fileless and evasive techniques to its arsenal. Distributed via PowerShell scripts, the new sample was obtained from an attack that happened in March.

New malware found

The Chinese Cycldek threat actor group has been linked to a cyberespionage campaign that ran between June 2020 and January 2021. The campaign, which was launched against dozens of organizations in Vietnam, saw the distribution of two new malware families named FoundCore and DropPhone.

GitHub abused

Threat actors are abusing the GitHub Actions feature in an attempt to inject malicious code that mines cryptocurrencies. The attacks have been happening since November 2020. The attack involves forking a legitimate repository, adding malicious GitHub Actions to the original code, and then filing a Pull Request with the original repository in order to merge the code back into it.