WTB: Remote Mac Exploitation Via Custom URL Schemes

September 4, 2018 | Anomali Labs

The intelligence in this week’s iteration discusses the following threats: Anonymous, Apache Struts vulnerability, BusyGasper, Cobalt Gang, DarkComet, DDoS, Loki Bot, Spear phishing, and WINDSHIFT APT. The IOCs related to these stories are attached to the Community Threat Briefing and can be used to check your logs for potential malicious activity.

Observed Threats

This section includes the top threats observed from the Anomali Community user base as well as sensors deployed by Anomali Labs. A ThreatStream account is required to view this section. Additional information regarding the threats discussed in this week’s Community Threat Briefing can be found below:

Spear Phishing
Spear phishing is a tactic in which a threat actor targets a specific business, individual, or organization via email or another form of electronic communication while tricking the recipient into thinking the email originated from an authentic source. The objective of spear phishing is to gain an initial infection vector within a particular company’s or individual’s network. Threat actors will attempt to make the communication appear to originate from a source that the recipient would be familiar with and/or deem trustworthy. Spear phishing is used by all levels of threat actors, including Advanced Persistent Threat (APT) groups.