Weekly Threat Briefing: Google Researchers Discover Malicious Websites Hacking iPhones for Years

The intelligence in this week’s iteration discusses the following threats: CamScanner, Data Breaches, FIN6, iPhone Hacking, Quasar RAT, Retadup Botnet, REvil Ransomware, TA505, and TrickBot. The IOCs related to these stories are attached to the Community Threat Briefing and can be used to check your logs for potential malicious activity.


Trending Threats


U.S. Jury Indicts Suspected Capital One Hacker on Wire Fraud, Data Theft Charges (August 29, 2019)

Following the conclusion of a federal grand jury investigation, formal charges have been filed against Paige Thompson, the suspected threat actor who obtained personal information of over 100 million people in a Capital One data breach between March and July 2019. Thompson, a former Amazon Web Services (AWS) software engineer, is charged with wire fraud and computer data theft. In late March 2019, Thompson created a program that scanned cloud customers for a specific web application firewall misconfiguration, ultimately exploiting the misconfiguration to extract account credentials for more than 30 victim databases, one of which was Capital One. The Department of Justice has not identified the other companies or agencies breached by Thompson. According to Capital One, approximately 140,000 Social Security numbers and 80,000 associated bank account numbers were compromised in the data breach.

MITRE ATT&CK: [MITRE PRE-ATT&CK] Identify sensitive personnel information (PRE-T1051)


Google Researchers Discover Malicious Websites Hacking iPhones for Years (August 29, 2019)

Researchers at Google’s Threat Analysis Group (TAG) and Project Zero have discovered a series of hacked websites that have been ..
