Phishing Campaign Targets Login Credentials of Multiple US, International Government Procurement Services

Overview: The Anomali Threat Research Team identified a credential harvesting campaign designed to steal login details from multiple government procurement services. The procurement services are used by many public and private sector organisations to match buyers and suppliers. In this campaign, attackers spoofed sites for multiple international government departments, email…


Weekly Threat Briefing: BMW Hacked By Hackers

The intelligence in this week’s iteration discusses the following threats: APT33, BankBot, CyrusOne, Dridex, Magecart, Python, PyXie, OceanLotus, REvil, and StrandHogg. The IOCs related to these stories are attached to the Community Threat Briefing and can be used to check your logs for potential malicious activity. Figure 1 – IOC Summary Charts. These charts…


The lure of PSD2

Overview: The Payment Services Directive (PSD) was adopted within the European Union in 2007. PSD is a directive aimed at regulating payment services with the intention to make cross-border payments in the EU as easy, efficient and secure as payments within a member state. PSD2 builds on the previous legislation…


Weekly Threat Briefing: Ransomware Attacks In Spain Leave Radio Station In “Hysteria”

The intelligence in this week’s iteration discusses the following threats: Calypso, China, DarkUniverse, Emotet, EternalBlue, Megacortex, Monero, Nanocore, Platinum, Ransomware, and Titanium. The IOCs related to these stories are attached to the Community Threat Briefing and can be used to check your logs for potential malicious activity. Trending Threats November…


Leashing Cerberus

Overview: Cerberus is an Android banking trojan, first reported on by ThreatFabric in June 2019, that may have been active since at least 2017. The malware is for sale on a Russian hacking forum called xss[.]is where the actors behind its development are selling licenses for the service from $4000…


Anomali: History in the Making

Let me kick off this post by extending a big “thank you” to everyone who participated in Detect ‘19, our fourth annual threat intelligence industry conference. Hundreds of attendees spanning customers, partners, employees, and special guests joined us in National Harbor, Maryland to participate in this history-making cybersecurity event. Why…


IRS Alerts Taxpayers to New Email Scam

The intelligence in this week’s iteration discusses the following threats: Adware, Data theft, Impersonation Phishing, Ransomware, Targeted attacks, and Vulnerabilities. The IOCs related to these stories are attached to the Community Threat Briefing and can be used to check your logs for potential malicious activity. Trending Threats IRS Alerts Taxpayers to New Email…
