Weekly Threat Briefing: Ransomware Attacks In Spain Leave Radio Station In “Hysteria”


The intelligence in this week’s iteration discusses the following threats: Calypso, China, DarkUniverse, Emotet, EternalBlue, Megacortex, Monero, Nanocore, Platinum, Ransomware, and Titanium. The IOCs related to these stories are attached to the Community Threat Briefing and can be used to check your logs for potential malicious activity.




Trending Threats


November 2019 Patch Tuesday Forecast: Out With Old, In With The New (November 8, 2019)

With the upcoming End-Of-Life (EOL) for Windows 7, users are reminded to assess their operating system. Using an unsupported operating system leaves the user open to attacks such as ransomware, as attacks will exploit vulnerabilities. Support for Windows 10 Home, Professional and Professional Workstations Version 1803 is also ending. For users who do not intend to upgrade, it is highly recommended to put in place mitigations such as application control, privilege management and restricted network access to protect against exploitation.


Titanium: The Platinum Group Strikes Again (November 8, 2019)

Platinum, an Advanced Persistent Threat (APT) group focused on the Asia Pacific region, has been using a new backdoor, “Titanium”, in recent attacks, according to researchers at Kaspersky. Targeting Indonesia, Malaysia and Vietnam, the infection spreads via local intranet websites. Once in the system, the payload is downloaded from a Command and Control (C2) server, with a backdoor downloader that pulls down an installer. Using the Windows Background Intelligent Transfer Service (BITS) and cURL, the final payload is downloaded. Loaded into memory, the payload is obfuscated using Windows API calls to bypass anti-virus software. Due to the use of encryption and fileless technologies the malwar ..
