The various threat intelligence stories in this iteration of the Weekly Threat Briefing discuss the following topics: Data breach, Phishing, Ransomware, Trojans, and Vulnerabilities. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your logs for potential malicious activity. Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.
Trending Cyber News and Threat Intelligence
Threat researchers are Volexity have discovered an exploit in the wild for a Microsoft Exchange Control Panel (ECP) vulnerability, approximately two weeks after Microsoft released a patch for the vulnerability. The ECP vulnerability (CVE-2020-0688) is a result of the “Exchange Server failing to properly create unique cryptographic keys at the time of installation,” according to Trend Micro’s Zero Day Initiative. The exploit requires access to compromised credentials, and Volexity has observed threat actors exploiting the vulnerability to conduct reconnaissance, deploy webshell backdoors, and execute in-memory post-exploitation frameworks, leading the researchers to believe that state-sponsored Advanced Persistent Threat (APT) groups may be behind the detected attacks.Click here for Anomali recommendationMITRE ATT&CK: [MITRE ATT&CK] Brute Force - T1110 | [MITRE ATT&CK] Web Shell - T1100 | [MITRE ATT&CK] Process Injection - T1055 A study published by University of Birmingham and KU Leuvan in Belgium claims that millions of cars with radio-enabled car keys made by Toyota, Hyundai, and Kia may be vulnerable to RFID fob cloning. According to the research, a vehicle highjacker could use an RFID reader device to clone ..Support the originator by clicking the read the rest link below.
