The various threat intelligence stories in this iteration of the Weekly Threat Briefing (WTB) discusses the following topics: APT, Data Leak, Phishing, PII, Ransomware, TA505, Targeted Attacks, and Vulnerability. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your logs for potential malicious activity.
Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.
Trending Threats
Netanyahu's party exposes data on over 6.4 million Israelis (February 10, 2020)Verizon Media researcher Ran Bar-Zik found that a misconfiguration in an election-related application resulted in the leak of Personally Identifiable Information (PII) associated to approximately 6.5 million Israeli citizens. The data was exposed because of an API endpoint left unsecured without a password. The application, called “Elector”, was created by the party of Israeli prime minister, Benjamin Netanyahu. The data consisted of: age, full name, gender, home address, ID card numbers, and political preferences. As of this writing, it is unknown if the data was illicitly accessed.Click here for Anomali recommendation
China-linked hackers have targeted Malaysian government, officials warn (February 6, 2020)The Malaysian Computer Emergency Response Team (CERT) has observed an increase in targeting against Government departments in Malaysia. The researchers mention APT40 in their report but do not attribute this activity to the group, as of this writing. The attack has been described as a data-stealing espionage campaign. APT40 has been active since 2013 and has been responsible for cyber-espionage campaigns against multiple targets involved in the Belt ..
Support the originator by clicking the read the rest link below.
