The intelligence in this week’s iteration discuss the following threats: Backdoor, BlackTech, Data Breach, Ransomware, Snatch, Trickbot, Vega, WaterBear, Zeppelin. The IOCs related to these stories are attached to the Community Threat Briefing and can be used to check your logs for potential malicious activity.
Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.
Apple Patched AirDos Vulnerability With iOS 13.3 Along With Other Security Fixes (December 15, 2019)Apple released iOS 13.3, fixing numerous security bugs affecting Apple iPhones and iPads, including the “AirDos” vulnerability. AirDos, a vulnerability found in the AirDrop feature, has been especially troublesome, in that a potential malicious actor could simply spam a nearby iPhone or iPad with AirDrop share popups, blocking the user interface so the device owner no longer has any functionality on the device. Researcher Kishan Bagaria reported the vulnerability to Apple, even providing a video walkthrough to demonstrate the ease of the attack, and a fix was included in this most recent iOS update. Apple also fixed a Facetime bug and a security-bypass vulnerability affecting the Live Photo feature (CVE-2019-8830 and CVE-2019-8857) in the update.Click here for Anomali recommendation
Attackers Steal Credit Cards in Rooster Teeth Data Breach (December 13, 2019)Rooster Teeth Productions, the production company behind popular web series “Red vs. Blue” and “Crunch Time,” have suffered a data breach due to a malicious script injected into the company’s online store, allowing a malicious actor to steal payment card and personal information from shoppers. Accord ..
Support the originator by clicking the read the rest link below.
