The various threat intelligence stories in this iteration of the Weekly Threat Briefing discuss the following topics: COVID-19, Data leak, HIDDEN COBRA, Mandrake, RAT and Vulnerabilities. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your logs for potential malicious activity. Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.
Trending Cyber News and Threat Intelligence
U.S. Secret Service: "Massive Fraud" Against State Unemployment Insurance Programs
(published: May 16, 2020)
The U.S Secret Service have raised an alert regarding an ongoing fraud operation exploiting the COVID-19 pandemic to target multiple state unemployment programs. The group behind this have been filling out unemployment claims using the social security numbers for first responders, government officials, and school employees. The Secret Service believes the threat actors obtained the personally identifiable information (PII) of these individuals through prior database leaks or compromises due to the number of fraudulent claims being made. Washington has been most affected by this, along with Florida, Massachusetts, North Carolina, Oklahoma, Rhode Island, and Wyoming.Recommendation: Fraudulent activity themed around recent events such as the COVID-19 pandemic are always prevalent. Controls must be set in place to ensure that the individual filing a claim such as these are genuine and that operations are in place to detect fictitious activity. If multiple claims are coming in from the same source, then this should be met with suspicion and reported for potential fraud.MITRE ATT&CK: [MITRE PRE-ATT&CK] Conduct social engineering - ..
Support the originator by clicking the read the rest link below.
