Weekly Threat Briefing: A Huge Database of Facebook Users’ Phone Numbers Found Online

The intelligence in this week’s iteration discusses the following threats: APT, malspam, phishing, targeted attacks, underground markets, and vulnerabilities. The IOCs related to these stories are attached to the Community Threat Briefing and can be used to check your logs for potential malicious activity.


Trending Threats


ESET Discovered an Undocumented Backdoor Used by the Infamous Stealth Falcon Group (September 9, 2019)

A newly discovered backdoor has been attributed to the Stealth Falcon threat group, known for targeting political activists, dissidents and journalists since at least 2012, according to ESET researchers. A binary backdoor analyzed by ESET was found to be similar to “the PowerShell script with backdoor capabilities attributed to the Stealth Falcon group.” The distribution method of the backdoor, dubbed “Win32/StealthFalcon,” was not reported; however, it may be distributed similarly to Stealth Falcon’s PowerShell script: a spearphishing email containing a weaponized document attachment. The Win32/StealthFalcon backdoor can allow an actor full remote control of an infected machine.

MITRE ATT&CK: Command-Line Interface - T1059 | Execution through API - T1106 | Rundll32 - T1085 | Scheduled Task - T1053 | BITS Jobs - T1197 | Masquerading - T1036 | Security Software Discovery - T1063