Anomali Blog

Weekly Threat Briefing

Weekly Threat Briefing: Backdoors, Magecart, Spearphishing, Ransomware and More

The various threat intelligence stories in this iteration of the Weekly Threat Briefing discuss the following topics: Cryptojacking, Data Breach, Maze Ransomware, PII and Vulnerabilities. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your logs for potential malicious activity....


Research

Unknown China-Based APT Targeting Myanmarese Entities

Authored by: Parthiban Rajendran and Gage Mele. Information cutoff date: 6/19/2020. Overview: Anomali Threat Research has identified malicious activity targeting entities based in Myanmar (Burma) that appears to have begun in March 2020; this is based on file names and payload compilation times. An unidentified Advanced Persistent Threat (APT), very likely China-based,...


Weekly Threat Briefing

Weekly Threat Briefing: APT Group, Cobalt, COVID-19, Ransomware and More

The various threat intelligence stories in this iteration of the Weekly Threat Briefing discuss the following topics: Data Breach, Lazarus, Spearphishing, Trojan and Vulnerabilities. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your logs for potential malicious activity. Figure 1...


Weekly Threat Briefing

Weekly Threat Briefing: APT Group, Microsoft Vulnerabilities, Ransomware, Spyware and More

The various threat intelligence stories in this iteration of the Weekly Threat Briefing discuss the following topics: ActionSpy, APT, Data breach, Magecart, Ransomware, and Vulnerabilities. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your logs for potential malicious activity. ...


Research

Anomali Threat Research Identifies Fake COVID-19 Contact Tracing Apps Used to Download Malware that Monitors Devices, Steals Personal Data

Authored by: Tara Gould, Gage Mele, Parthiban Rajendran, and Rory Gould. Overview: Threat actors are distributing fake Android applications themed around official government COVID-19 contact tracing apps. Anomali Threat Research (ATR) identified multiple applications that contain malware, primarily Anubis and SpyNote, and other generic malware families. These apps, once installed...


Weekly Threat Briefing

Weekly Threat Briefing: Data Breaches, Ransomware, Remote Code Vulnerabilities and More

The various threat intelligence stories in this iteration of the Weekly Threat Briefing discuss the following topics: Android Bugs, Exposed PII, REvil Ransomware, Trojans, and Vulnerabilities. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your logs for potential malicious...


Weekly Threat Briefing

Weekly Threat Briefing: Backdoors, iOS Vulnerability, Remote Access Trojans, TrickBot Update, and more

The various threat intelligence stories in this iteration of the Weekly Threat Briefing discuss the following topics: Android Vulnerability, Data breach, COVID-19, Ransomware, Russia, and Vulnerabilities. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your logs for potential malicious...


Weekly Threat Briefing

Weekly Threat Briefing: Data Breach, Ransomware, Spyware, and More

The various threat intelligence stories in this iteration of the Weekly Threat Briefing discuss the following topics: Android Malware, Bluetooth, Phishing, Winnti Group, WolfRAT, and Vulnerabilities. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your logs for potential malicious...


Weekly Threat Briefing

Weekly Threat Briefing: Android Malware, APT, Data Breach, Spyware and More

The various threat intelligence stories in this iteration of the Weekly Threat Briefing discuss the following topics: COVID-19, Data leak, HIDDEN COBRA, Mandrake, RAT and Vulnerabilities. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your logs for potential malicious...


Weekly Threat Briefing

Weekly Threat Briefing: APT Group, Linux Malware, Ransomware and More

The various threat intelligence stories in this iteration of the Weekly Threat Briefing discuss the following topics: APT, Bugs, Exploit, Healthcare Attacks, Naikon, and Vulnerabilities. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your logs for potential malicious activity. ...


Weekly Threat Briefing

Weekly Threat Briefing: New Android Malware, PerSwaysion Phishing Campaign, SaltStack Vulnerabilities, and More

The various threat intelligence stories in this iteration of the Weekly Threat Briefing discuss the following topics: APT activity, Malspam, Phishing, Ransomware, Spearphishing, and Vulnerabilities. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your logs for potential malicious activity. ...


Research

Anomali Suspects that China-Backed APT Pirate Panda May Be Seeking Access to Vietnam Government Data Center

Authored by: Sara Moore, Joakim Kennedy, Parthiban R, and Rory Gould. The Anomali Threat Research Team detected a spear phishing email targeting government employees in the Municipality of Da Nang, Vietnam. The email contained a malicious Microsoft Excel document which drops a malicious Dynamic-Link Library (DLL) providing the actor with...


Weekly Threat Briefing

Weekly Threat Briefing: Malware, iOS Malware, Winnti, APT Group, and More

The various threat intelligence stories in this iteration of the Weekly Threat Briefing discuss the following topics: Asnarok, APT, Florentine Banker Group, Monero, and Vulnerabilities. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your logs for potential malicious activity. ...


Weekly Threat Briefing

Weekly Threat Briefing: APT41, COVID-19, Government Phishing and More

The various threat intelligence stories in this iteration of the Weekly Threat Briefing discuss the following topics: APT, Mobile Malware, Patching, PoetRAT, Ransomware, and Vulnerabilities. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your logs for potential malicious activity. ...


Weekly Threat Briefing

Weekly Threat Briefing: New dark_nexus Botnet, Pegasus Spyware, SFO Airport Data Breach, and More

The various threat intelligence stories in this iteration of the Weekly Threat Briefing discuss the following topics: APT, Botnet, Data breach, Malware, and Vulnerabilities. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your logs for potential malicious activity. Figure 1...


Research

COVID-19 Themed HawkEye Phishing Campaign Targets Healthcare Sector: Dissection of the MalDoc and the Two-Way Approach

Overview: Threat actors continue to utilize COVID-19-themed lures to distribute malware as the world responds to the Coronavirus pandemic. Anomali researchers have identified a phishing campaign that is distributing HawkEye malware via Rich Text Format (RTF) documents. This campaign is interesting because HawkEye is a commodity malware with customizable...


Cyber Threat Intelligence

Free Threat Intel Consolidated at COVID-19 Attacks Resource Center

As the global COVID-19 crisis continues to escalate, organizations are facing an increasing number of cyber attacks aimed at exploiting the situation. Anomali and our threat intelligence ecosystem partners are continuously identifying attackers attempting to lure unsuspecting users with phishing, fraud, and disinformation campaigns. To help you protect your company...


Weekly Threat Briefing

Weekly Threat Briefing: Firefox Zero-Day, CoViper Malware, Loncom Packer, MS-SQL Campaign, and More

The various threat intelligence stories in this iteration of the Weekly Threat Briefing discuss the following topics: APTs, COVID-19, Data breach, Malware, and Vulnerabilities. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your logs for potential malicious activity. Figure 1...


Weekly Threat Briefing

Weekly Threat Briefing: APT41, Exploits, lightSpy, TA505 and More

The various threat intelligence stories in this iteration of the Weekly Threat Briefing discuss the following topics: APT Groups, Data Breach, Mobile Malware, Router Vulnerabilities, Remote Access Trojans, and Vulnerabilities. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your...


Cyber Threat Intelligence

Leverage ThreatStream and DomainTools COVID-19 Threat List

Deliver COVID-19 Intelligence to Your Security Controls. Malicious actors continue to leverage the global Coronavirus (COVID-19) pandemic to register phishing and malware domains to lure unsuspecting users into disclosing their credentials or downloading and executing malware onto their systems. Anomali and our partner ecosystem have publicly released data and...

