The intelligence in this week’s iteration discuss the following threats: APT40, APT28, data-breach, Trickbot, phishing, targeted attacks, JhoneRAT, Pegasus. The IOCs related to these stories are attached to the Community Threat Briefing and can be used to check your logs for potential malicious activity.Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.
Trending Threats
NSA Uncovers 'Severe' Microsoft Windows Vulnerability (January 14, 2020)On Tuesday, 13th January, the National Security Agency (NSA) published information on a “severe” vulnerability in Windows 10. The vulnerability, CVE-2020-060, could allow threat actors to spoof the digital certificates used in encrypted communication. This means that devices with the Windows 10 operating system could be at risk of man-in-the-middle attacks. Actors could also decrypt data within applications. The ability to use CryptoAPI spoofing could also enable an actors’ malicious code to look legitimate.Click here for Anomali recommendation
Baby's First Data Breach: App Exposes Baby Photos, Videos (January 14, 2020)Peekaboo Moments, a mobile phone app that is designed for capturing special moments of a baby’s development, has been found to have exposed customer information. Data exposed include email, device information as well as photos and videos. The exposure has occurred due to an open unsecured Elasticsearch server. Facebook API keys as well as the Peekaboo owned API endpoint were exposed. This could allow an attacker to upload or exfiltrate data.Click here for Anomali recommendation
weekly threat briefing australia bushfire donation suffered magecart attack
