Weekly Threat Briefing: New Banking Trojan Infects Victims via McDonald’s Malvertising

The intelligence in this week’s iteration discusses the following threats: Backdoors, Cryptocurrency, Data breaches, Malware, and Trojans. The IOCs related to these stories are attached to the Community Threat Briefing and can be used to check your logs for potential malicious activity.

Figure 1: IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.

Compromised Website Led to Australia Parliament Hack (November 18, 2019)

The Australian Parliament was compromised through a watering-hole attack when politicians browsed a legitimate website that had already been compromised. The attack was discovered in January and the Australian government has stated that the intrusion resulted in a “small amount of non-sensitive data” being breached. The investigation was conducted by the Australian Signals Directorate.

MITRE ATT&CK: [MITRE ATT&CK] Third-party Software - T1072 | [MITRE PRE-ATT&CK] Identify sensitive personnel information (PRE-T1051) | [MITRE ATT&CK] Exploit Public-Facing Application - T1190


New Banking Trojan Infects Victims via McDonald’s Malvertising (November 20, 2019)

A new banking trojan called “Mispadu” has been seen using McDonald’s coupon lures in Latin America. The trojan has been developed to target Brazilian and Mexican victims, with unique variants for each country. The lures have been sent through email and Facebook adverts. Once a victim has been infected, they are served fake pop-up advertisements that attempt to persuade them to reveal personal information. The trojan also steals device i ..
