The various threat intelligence stories in this iteration of the Weekly Threat Briefing discuss the following topics: Android Malware, Data Breach, Hardware Vulnerabilities, Ransomware, Phishing, and Vulnerabilities. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your logs for potential malicious activity.
Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.
Trending Cyber News and Threat Intelligence
Attacker Can Impersonate Other Mobile Phone Users
(published: February 24, 2020)
Researchers at Ruhr-Universität Bochum have identified a vulnerability in 4G that allows for user impersonation. This enables purchases to be made without the user’s knowledge such as streaming services, that are sent to the victim’s mobile phone bill. The vulnerability affects all devices that connect to 4G, which includes mobile phones, tablets and even some household appliances. In order for an attack to occur, the perpetrator must be within the vicinity of a victim where they can modify data packets. The modification can make the phone and base station decrypt or encrypt messages into plain text, along with sending commands to the phone that are encrypted and forwarded to the phone provider.Click here for Anomali recommendationMITRE ATT&CK: [MITRE ATT&CK] Data Encrypted - T1022 | [MITRE ATT&CK] Transmitted Data Manipulation - T1493
