Anomali Blog
Anomali Aggregates Open Source Threat Intelligence to Fight COVID-19-themed Cyber Attacks
Every noteworthy world event is seen by cyber threat actors as an opportunity, and the Coronavirus (COVID-19) has proven to be no different. In response to the growing volume of COVID-19-themed cyber attacks we are seeing, Anomali has been working to collect, curate, and distribute the clear and concise...
Read More
Weekly Threat Briefing: APT36, Coronavirus, Phishing, Remote Access Trojan, and More
The various threat intelligence stories in this iteration of the Weekly Threat Briefing discuss the following topics: APT, Data Leak, Mobile Malware, Parallax, TrickBot, and Vulnerabilities. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your logs for potential malicious...
Read More
COVID-19 Themes Are Being Utilized by Threat Actors of Varying Sophistication
Authored by: Gage Mele, Parthiban R., and Tara GouldThe Tactics, Techniques and Procedures (TTPs) Are Known but the Content Is Coronavirus-ThemedOverviewThreat actors are utilizing the global spread of COVID-19 (Coronavirus) to conduct malicious activity. As the world responds to this threat in various ways, actors are...
Read More
Weekly Threat Briefing: Russian APT, Microsoft SMB Vulnerability, Virgin Media Data Leak, and More
The various threat intelligence stories in this iteration of the Weekly Threat Briefing discuss the following topics: APT, Turla, Data leak, NSO, CVE, Phishing, and Vulnerabilities. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your logs for potential malicious...
Read More
Wolves Attack When the Herd Is Distracted
Andrew de Lange, Anomali’s Senior Solutions Consultant in the Middle East, provides some insight into his time as Head of Intelligence and Incident Response for a major African bank.Can You Stay Focused On Cybersecurity During a Pandemic?Weekends, holidays and now most recently, panic during the Coronavirus...
Read More
Weekly Threat Briefing: PwndLocker Ransomware, Key Fob Cloning, Analyzing Trojans, U.S. Primary Election Interference, and More
The various threat intelligence stories in this iteration of the Weekly Threat Briefing discuss the following topics: Data breach, Phishing, Ransomware, Trojans, and Vulnerabilities. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your logs for potential malicious activity.
Figure 1...
Read More
Weekly Threat Briefing: APT Activity, Chrome 0-Day, MuddyWater, and More
The various threat intelligence stories in this iteration of the Weekly Threat Briefing discuss the following topics: 0-Day, Data breach, NetSupport Manager RAT, Roaming Mantis, Sea Turtle, and Trickbot. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your logs...
Read More
Weekly Threat Briefing: Data Breaches, Malware, Ransomware, Vulnerabilities and More
The various threat intelligence stories in this iteration of the Weekly Threat Briefing discuss the following topics: Android Malware, Data Breach, Hardware Vulnerabilities, Ransomware, Phishing, and Vulnerabilities. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your logs for potential...
Read More
Weekly Threat Briefing: Iranian APTs, Airport Cybersecurity, Phishing Attack on Puerto Rican Government, Ransomware, and More
The various threat intelligence stories in this iteration of the Weekly Threat Briefing discuss the following topics: APT, Malware, Phishing, Remote Access Trojans, Viruses, and Vulnerabilities. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your logs for potential malicious...
Read More
Weekly Threat Briefing: Charming Kitten Hackers Impersonate Journalist in Phishing Attacks
The various threat intelligence stories in this iteration of the Weekly Threat Briefing (WTB) discusses the following topics: APT, Data Leak, Phishing, PII, Ransomware, TA505, Targeted Attacks, and Vulnerability. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to...
Read More
Weekly Threat Briefing: Government Spyware Company Spied On Hundreds Of Innocent People
The various threat intelligence stories in this iteration of the Weekly Threat Briefing (WTB) discusses the following topics: APT, Backdoor, Data leak, Emotet, Malspam, Spyware, Winnti, and Vulnerabilities. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check...
Read More
Weekly Threat Briefing: Over Half of Organisations Were Successfully Phished In 2019
The various threat intelligence stories in this iteration of the Weekly Threat Briefing (WTB) discusses the following topics: BitPyLock, Business Email Compromise, Data Breaches, Konni Group, Phishing, and Zero-Day. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to...
Read More
APTs & Threat Actors That May Increase Hostile Activity Due to Elimination of Iranian General Quassem Suleimani
The Anomali Threat Research Team monitors the global cyberthreat landscape continually. Our experts focus on geographies of interest, provide around-the-clock intelligence on adversaries, and guidance on how to defend networks and people against cyberattacks.Anomali has been monitoring the Middle East long before the current situation with Iran developed. For...
Read More
Weekly Threat Briefing: Australia Bushfire Donation Site Suffered MageCart Attack
The intelligence in this week’s iteration discuss the following threats: APT40, APT28, data-breach, Trickbot, phishing, targeted attacks, JhoneRAT, Pegasus. The IOCs related to these stories are attached to the Community Threat Briefing and can be used to check your logs for potential malicious activity.Figure 1 - IOC...
Read More
Weekly Threat Briefing: Iranian Hackers Have Been ‘Password-Spraying’ the US Grid
The intelligence in this week’s iteration discuss the following threats: APTs, Credential theft, Iran, Malware, Ransomware, and Vulnerabilities. The IOCs related to these stories are attached to the Community Threat Briefing and can be used to check your logs for potential malicious activity.
Figure 1: IOC Summary...
Read More
Weekly Threat Briefing: Colorado Town Wires Over $1 Million To BEC Scammers
The intelligence in this week’s iteration discuss the following threats: BabyShark, Fraud, Maze Ransomware, North Korea, POS malware, Ransomware, Rowhammer, Ryuk Ransomware, Thallium. The IOCs related to these stories are attached to the Community Threat Briefing and can be used to check your logs for potential malicious...
Read More
Weekly Threat Briefing: Emotet Gang Changes Tactics Ahead of the Winter Holidays
This section listed below contains summaries on various threat intelligence stories that occurred during the past week. The intelligence in this week's iteration discuss the following threats: APT20, Dudell, Malspam, Phishing, Poison Frog, Rancor, Stronium, Targeted attacks, Tokyo Olympics 2020, and Zero-day. The IOCs related to these stories are attached...
Read More
Weekly Threat Briefing: Visa Warns of Targeted PoS Attacks on Gas Station Merchants
The intelligence in this week’s iteration discuss the following threats: Backdoor, BlackTech, Data Breach, Ransomware, Snatch, Trickbot, Vega, WaterBear, Zeppelin. The IOCs related to these stories are attached to the Community Threat Briefing and can be used to check your logs for potential malicious activity.Figure 1...
Read More
Phishing Campaign Targets Login Credentials of Multiple US, International Government Procurement Services
OverviewThe Anomali Threat Research Team identified a credential harvesting campaign designed to steal login details from multiple government procurement services. The procurement services are used by many public and private sector organisations to match buyers and suppliers. In this campaign, attackers spoofed sites for multiple international government departments, email...
Read More
Weekly Threat Briefing: BMW Hacked By Hackers
The intelligence in this week’s iteration discuss the following threats: APT33, BankBot, CryusOne, Dridex, Magecart, Python, PyXie, OceanLotus, REvil, StrangHogg, The IOCs related to these stories are attached to the Community Threat Briefing and can be used to check your logs for potential malicious activity.Figure...
Read More
