Anomali Blog

Weekly Threat Briefing

Weekly Threat Briefing: Backdoors, iOS Vulnerability, Remote Access Trojans, TrickBot Update, and more

The various threat intelligence stories in this iteration of the Weekly Threat Briefing discuss the following topics: Android Vulnerability, Data breach, COVID-19, Ransomware, Russia, and Vulnerabilities. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your logs for potential malicious...


Weekly Threat Briefing

Weekly Threat Briefing: Data Breach, Ransomware, Spyware, and More

The various threat intelligence stories in this iteration of the Weekly Threat Briefing discuss the following topics: Android Malware, Bluetooth, Phishing, Winnti Group, WolfRAT, and Vulnerabilities. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your logs for potential malicious...


Weekly Threat Briefing

Weekly Threat Briefing: Android Malware, APT, Data Breach, Spyware and More

The various threat intelligence stories in this iteration of the Weekly Threat Briefing discuss the following topics: COVID-19, Data leak, HIDDEN COBRA, Mandrake, RAT and Vulnerabilities. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your logs for potential malicious...


Weekly Threat Briefing

Weekly Threat Briefing: APT Group, Linux Malware, Ransomware and More

The various threat intelligence stories in this iteration of the Weekly Threat Briefing discuss the following topics: APT, Bugs, Exploit, Healthcare Attacks, Naikon, and Vulnerabilities. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your logs for potential malicious activity. ...


Weekly Threat Briefing

Weekly Threat Briefing: New Android Malware, PerSwaysion Phishing Campaign, SaltStack Vulnerabilities, and More

The various threat intelligence stories in this iteration of the Weekly Threat Briefing discuss the following topics: APT activity, Malspam, Phishing, Ransomware, Spearphishing, and Vulnerabilities. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your logs for potential malicious activity. ...


Research

Anomali Suspects that China-Backed APT Pirate Panda May Be Seeking Access to Vietnam Government Data Center

Authored by: Sara Moore, Joakim Kennedy, Parthiban R, and Rory Gould

The Anomali Threat Research Team detected a spear phishing email targeting government employees in the Municipality of Da Nang, Vietnam. The email contained a malicious Microsoft Excel document which drops a malicious Dynamic-Link Library (DLL) providing the actor with...


Weekly Threat Briefing

Weekly Threat Briefing: Malware, iOS Malware, Winnti, APT Group, and More

The various threat intelligence stories in this iteration of the Weekly Threat Briefing discuss the following topics: Asnarok, APT, Florentine Banker Group, Monero, and Vulnerabilities. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your logs for potential malicious activity. ...


Weekly Threat Briefing

Weekly Threat Briefing: APT41, COVID-19, Government Phishing and More

The various threat intelligence stories in this iteration of the Weekly Threat Briefing discuss the following topics: APT, Mobile Malware, Patching, PoetRAT, Ransomware, and Vulnerabilities. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your logs for potential malicious activity. ...


Weekly Threat Briefing

Weekly Threat Briefing: New dark_nexus Botnet, Pegasus Spyware, SFO Airport Data Breach, and More

The various threat intelligence stories in this iteration of the Weekly Threat Briefing discuss the following topics: APT, Botnet, Data breach, Malware, and Vulnerabilities. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your logs for potential malicious activity. Figure 1...


Research

COVID-19 Themed HawkEye Phishing Campaign Targets Healthcare Sector: Dissection of the MalDoc and the Two-Way Approach

Overview

Threat actors continue to utilize COVID-19-themed lures to distribute malware as the world responds to the Coronavirus pandemic. Anomali researchers have identified a phishing campaign that is distributing HawkEye malware via Rich Text Format (RTF) documents. This campaign is interesting because HawkEye is a commodity malware with customizable...


Cyber Threat Intelligence

Free Threat Intel Consolidated at COVID-19 Attacks Resource Center

As the global COVID-19 crisis continues to escalate, organizations are facing an increasing number of cyber attacks aimed at exploiting the situation. Anomali and our threat intelligence ecosystem partners are continuously identifying attackers attempting to lure unsuspecting users with phishing, fraud, and disinformation campaigns. To help you protect your company...


Weekly Threat Briefing

Weekly Threat Briefing: Firefox Zero-Day, CoViper Malware, Loncom Packer, MS-SQL Campaign, and More

The various threat intelligence stories in this iteration of the Weekly Threat Briefing discuss the following topics: APTs, COVID-19, Data breach, Malware, and Vulnerabilities. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your logs for potential malicious activity. Figure 1...


Weekly Threat Briefing

Weekly Threat Briefing: APT41, Exploits, lightSpy, TA505 and More

The various threat intelligence stories in this iteration of the Weekly Threat Briefing discuss the following topics: APT Groups, Data Breach, Mobile Malware, Router Vulnerabilities, Remote Access Trojans, and Vulnerabilities. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your...


Cyber Threat Intelligence

Leverage ThreatStream and DomainTools COVID-19 Threat List

Deliver COVID-19 Intelligence to Your Security Controls

Malicious actors continue to leverage the global Coronavirus (COVID-19) pandemic to register phishing and malware domains to lure unsuspecting users into disclosing their credentials or downloading and executing malware onto their systems. Anomali and our partner ecosystem have publicly released data and...


Research

Anomali Aggregates Open Source Threat Intelligence to Fight COVID-19-themed Cyber Attacks

Every noteworthy world event is seen by cyber threat actors as an opportunity, and the Coronavirus (COVID-19) has proven to be no different. In response to the growing volume of COVID-19-themed cyber attacks we are seeing, Anomali has been working to collect, curate, and distribute the clear and concise...


Weekly Threat Briefing

Weekly Threat Briefing: APT36, Coronavirus, Phishing, Remote Access Trojan, and More

The various threat intelligence stories in this iteration of the Weekly Threat Briefing discuss the following topics: APT, Data Leak, Mobile Malware, Parallax, TrickBot, and Vulnerabilities. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your logs for potential malicious...


Research

COVID-19 Themes Are Being Utilized by Threat Actors of Varying Sophistication

Authored by: Gage Mele, Parthiban R., and Tara Gould

The Tactics, Techniques and Procedures (TTPs) Are Known but the Content Is Coronavirus-Themed

Overview

Threat actors are utilizing the global spread of COVID-19 (Coronavirus) to conduct malicious activity. As the world responds to this threat in various ways, actors are...


Weekly Threat Briefing

Weekly Threat Briefing: Russian APT, Microsoft SMB Vulnerability, Virgin Media Data Leak, and More

The various threat intelligence stories in this iteration of the Weekly Threat Briefing discuss the following topics: APT, Turla, Data leak, NSO, CVE, Phishing, and Vulnerabilities. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your logs for potential malicious...


Cyber Threat Intelligence

Wolves Attack When the Herd Is Distracted

Andrew de Lange, Anomali’s Senior Solutions Consultant in the Middle East, provides some insight into his time as Head of Intelligence and Incident Response for a major African bank.

Can You Stay Focused On Cybersecurity During a Pandemic?

Weekends, holidays and now most recently, panic during the Coronavirus...


Weekly Threat Briefing

Weekly Threat Briefing: PwndLocker Ransomware, Key Fob Cloning, Analyzing Trojans, U.S. Primary Election Interference, and More

The various threat intelligence stories in this iteration of the Weekly Threat Briefing discuss the following topics: Data breach, Phishing, Ransomware, Trojans, and Vulnerabilities. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your logs for potential malicious activity. Figure 1...

