27 April 2021 Weekly Newsletter





Apple M1 Macs are already being targeted by crypto-stealing malware

LATEST CYBER HACKS




3.2 Billion Leaked Passwords Contain 1.5 Million Records with Government Emails

A staggering number of 3.28 billion passwords linked to 2.18 billion unique email addresses were exposed in what's one of the largest data dumps of breached usernames and passwords.


Logins for 1.3 million Windows RDP servers collected from hacker market

The login names and passwords for 1.3 million current and historically compromised Windows Remote Desktop servers have been leaked by UAS, the largest hacker marketplace for stolen RDP credentials.





Hackers Exploit VPN to Deploy SUPERNOVA malware on SolarWinds Orion

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has disclosed details of a new advanced persistent threat (APT) that's leveraging the Supernova backdoor to compromise SolarWinds Orion installations after gaining access to the network through a connection to a Pulse Secure VPN device.



Apple fixes macOS zero-day bug exploited by Shlayer malware

Apple has fixed a zero-day vulnerability in macOS exploited in the wild by Shlayer malware to bypass Apple's File Quarantine, Gatekeeper, and Notarization security checks and download second-stage malicious payloads.



Apple AirDrop Bug Could Leak Your Personal Info to Anyone Nearby

New research has uncovered privacy weaknesses in Apple's wireless file-sharing protocol that could result in the exposure of a user's contact information such as email addresses and phone numbers.





Emotet malware self-destructs after cops deliver time-bomb DLL to infected Windows PCs

Notorious Windows malware Emotet was automatically wiped from computers yesterday by European law enforcement using a customized DLL.



Wormable Malware Comes Back As ‘WhatsApp Pink’ – Now Targets Signal, Telegram Too

A new malicious campaign active in the wild is aimed at WhatsApp users. The campaign lures users into downloading ‘WhatsApp Pink’, which is actually malware that also targets Signal and Telegram.



Password-stealing Android malware is spreading quickly

A malware campaign with the aim of stealing passwords, bank details and other sensitive information is spreading quickly through Android devices.



QR Codes' Popularity May Be Abused to Deliver Malware and Enable Banking Heists

After conducting a survey, Ivanti found that 83% of users had scanned a QR code for the very first time, but users do not realise that the growth in QR code usage also opens up many opportunities for threat actors, who might use them to steal corporate data or to infiltrate mobile devices.



500,000 Huawei Users Infected with Joker Android Malware From Huawei's Own App Store

In a report, Doctor Web's analysts announced that they recently found Joker Android malware, a family of multifunctional Android Trojans, in AppGallery, the official app store for Huawei devices.



ToxicEye: Trojan abuses Telegram platform to steal your data

Dubbed ToxicEye, the RAT abuses Telegram as part of its command-and-control (C2) infrastructure in order to conduct rampant data theft.

GENERAL NEWS




Signal Says Cellebrite Mobile Device Analysis Products Can Be Hacked

Cellebrite’s forensic applications do not include the type of security protections one would expect from parsing software, which renders them susceptible to attacks, according to privacy-focused messaging service Signal.



Microsoft announces end of life for multiple .NET Framework versions

Microsoft today announced that multiple .NET Framework versions signed using the legacy and insecure Secure Hash Algorithm 1 (SHA-1) will reach end of support next year.



Apple iCloud Mail outage causing email sending, receiving issues

Apple's iCloud Mail service has been suffering an outage since this morning, preventing some people from sending and receiving emails.



Ransomware gang now warns they will leak new Apple logos, iPad plans

The REvil ransomware gang has mysteriously removed Apple's schematics from their data leak site after privately warning Quanta that they would leak drawings for the new iPad and new Apple logos.


Botswana Communications Regulatory Authority

Private Bag 00495, Gaborone, Botswana


Disclaimer: This information was gathered from multiple trusted feeds and was not created by COMM-CIRT.