Weekly Threat Briefing: AWS Left Reeling After Eight-Hour DDoS

The intelligence in this week’s iteration discusses the following threats: China, Iran, Magecart, Nautilus, Neuron, NordVPN, Spidey Bot, Turla, Waterbug, and Winnti Group. The IOCs related to these stories are attached to the Community Threat Briefing and can be used to check your logs for potential malicious activity.


Trending Threats


AWS Left Reeling After Eight-Hour DDoS (October 24, 2019)

Amazon was hit by a Distributed Denial of Service (DDoS) attack this week which took service offline for up to eight hours. The DDoS targeted the Amazon Web Services (AWS) Route 53 DNS web service, which in turn affected other services. The success of the attack calls into question the DDoS-mitigation platform Shield Advanced, which was used by AWS during the attack.

MITRE ATT&CK: Endpoint Denial of Service - T1499


Facebook Pulls Fake News Networks Linked to Russia and Iran (October 23, 2019)

Facebook has detected and taken down four networks of accounts that they say are linked to Iran and Russia. These accounts are believed to be designed to interfere in elections. One of the networks was targeting the 2020 United States presidential elections and appears to be linked to the Russian organisation the Internet Research Agency (IRA). Other networks targeted North Africa and Latin America. Facebook has taken action under their policy on misrepresentation. 93 Facebook accounts, 17 Facebook pages and 4 Instagram accounts were removed for violating its policy and were linked to efforts originating in Iran to target the United States and North Africa. Other acc ..
