Cyware Monthly Threat Intelligence

Monthly Threat Briefing • March 2, 2021
The Good
A coordinated law enforcement operation successfully shut down ValidCC, a dark web marketplace that had traded stolen payment card data for more than six years. Meanwhile, the rise in ransomware incidents at healthcare facilities compelled CIS to launch a malicious domain identifier and blocker service. Also, an open-source tool is now available for those who want to find unsecured databases.
The Bad
The month touched a new low when state actors attempted to poison a water facility in Florida, putting tens of thousands of lives at risk. Further, the incidents at Accellion and SolarWinds software continue to claim victims while acting as a wake-up call for organizations and government agencies that work with third parties. In addition, a utility scam threatened customers into making immediate payments for fake overdue bills.
New Threats
The world witnessed threats that were complex, multi-staged, and capable of subduing security controls. In a disclosure, experts revealed that at least four attack groups exploited multiple zero-days in Accellion software. Researchers uncovered two mysterious pieces of Mac M1 malware with distinct abilities. Actors hijacked about 500 Windows and Linux devices in one of the largest Monero cryptojacking attacks.