WTB: First American Financial Corp. Leaked Hundreds of Millions of Title Insurance Records
Get COVID-19 Cyber Security Resources Learn More

Weekly Threat Briefing: First American Financial Corp. Leaked Hundreds of Millions of Title Insurance Records

May 29, 2019 | Anomali Threat Research Team

The intelligence in this week’s iteration discuss the following threats: APT, Backdoor, Banking trojan, Data leak, Keylogger, Malspam, Malvertising, Misconfigured database, Phishing, Ransomware, Targeted attacks, and Vulnerabilities. The IOCs related to these stories are attached to the Community Threat Briefing and can be used to check your logs for potential malicious activity.

Observed Threats

This section includes the top threats observed from the Anomali Community user base as well as sensors deployed by Anomali Labs. A ThreatStream account is required to view this section. Click here to request a trial.


APT10 is believed to be a China-based group that has been active since at least 2009, and first appeared in public sources in 2013. They gained notoriety by targeting defense contractors around the world, but primarily those located in the U.S. APT10 has evolved from primarily targeting the Defense Industrial Base (DIB) to conducting global cyberespionage campaigns against numerous targets in multiple sectors. They are a highly sophisticated group that specializes in acquiring strategic information that researchers believe is based on achieving China’s national security objectives. APT10 is believed to have been able to compromise government agencies, as well as public and private organizations around the globe and exfiltrated large amounts of sensitive information.

Anomali Threat Research Team
About the Author

Anomali Threat Research Team

Subscribe to the Anomali Newsletter—get the latest Anomali updates and cybersecurity news straight to your inbox each month.

Subscribe Now