Skip to main content

All Posts

Anomali Cyber Watch

1

min read

Anomali Cyber Watch: Active Probing Revealed Cobalt Strike C2s, Black Basta Ransomware Connected to FIN7, Robin Banks Phishing-as-a-Service Became Stealthier, and More

Anomali Cyber Watch reports active probing and EDR evasion, Cobalt Strike C2s, Black Basta-FIN7 links, stealthier Robin Banks phishing, infostealers, typosquatting, IOCs attached

Anomali Threat Research

Published on

November 8, 2022

Table of Contents

The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: Active scanning, EDR evasion, Infostealers, Phishing, and Typosquatting. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity.

Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.

‍Trending Cyber News and Threat Intelligence

| [MITRE ATT&CK] Obfuscated Files or Information - T1027 | [MITRE ATT&CK] Credentials from Password Stores - T1555
Tags: detection:Vidar, Malvertising, Binary padding, malware-type:Infostealer, file-type:EXE, file-type:DLL, GNU, Typosquatting, Google Ads, Windows

‍

FEATURED RESOURCES

March 31, 2026

Anomali Cyber Watch

Iran Cyber War, Day 32: FBI Director Breached, Critical Infrastructure Under Siege, and the Silence That Should Worry You Most

Read More

March 31, 2026

Public Sector

Anomali Cyber Watch

The 72-Hour Window: Critical Supply Chain and Edge Device Threats Demand Immediate State Government Action

Read More

March 30, 2026

Anomali Cyber Watch

When Ceasefires Don’t Apply to Cyberspace: 30 Days Into the Iran Cyber War, the Threat Has Never Been Higher

Read More

Explore All