WTB: Weak Passwords Let a Hacker Access Internal Sprint Staff Portal

August 28, 2018 | Anomali Labs

The intelligence in this week’s iteration discuss the following threats: APT, Backdoor, Cyberespionage, Data breach, Data leak, Ransomware, Spearphishing, Targeted attacks, and Vulnerabilities. The IOCs related to these stories are attached to the Community Threat Briefing and can be used to check your logs for potential malicious activity.

Observed Threats

This section includes the top threats observed from the Anomali Community user base as well as sensors deployed by Anomali Labs. A ThreatStream account is required to view this section. Click here to request a trial. Additional information regarding the threats discussed in this week’s Community Threat Briefing can be found below:

Turla
The Advanced Persistent Threat (APT) group “Turla” is believed to be a Russian based group that has been active since at least 2007. Turla conducts cyber espionage against government entities around the world. The group is connected to the “Epic” cyber espionage campaign that targets government agencies around the globe, and is also connected to the Agent.btz worm that infected the network of the U.S. Department of Justice in 2008.
APT28
The Advanced Persistent Threat (APT) group “APT28” is believed to be a Russian-sponsored group that has been active since at least 2007. The group displays high levels of sophistication in the multiple campaigns that they have been attributed to, and various malware and tools used to conduct the operations align with the strategic interests of the Russian government. The group is believed to operate under the Main Intelligence Directorate (GRU), the foreign intelligence agency of the Russian armed forces.
 
 
 
 
 
Anomali Labs
About the Author

Anomali Labs

Get the latest threat intelligence news in your email.