June 10, 2021
Severity
High
Analysis Summary
Another active phishing campaign targeting Google accounts has surfaced, aimed at different users in different organizations. Campaigns of this type are used for credential theft and are the most basic kind of campaign directed at a particular sector or set of organizations. This campaign consists of a login page impersonating the Google account login page; users who enter their credentials are then redirected to another phishing page. Users are advised not to click on links in these malicious emails and to watch for unknown senders who send links or attachments that do not pertain to their organization.
Impact
- Credential theft
- Exposure of sensitive data
Indicators of Compromise
URL
- https[:]//recidivism-apostrop[.]000webhostapp[.]com/
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment.
- Always be suspicious about emails sent by unknown senders.
- Never click on links/attachments sent by unknown senders.
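
One way to carry out the "Search for IOCs in your environment" step, as an added example that is not part of the original advisory: it refangs the published URL and matches it against the request host in web-proxy logs, so a mention of the domain in a query string is not counted as a visit. The log layout, user names and the `/login.php` path are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Indicator exactly as published in the advisory (defanged).
ADVISORY_IOCS = ["https[:]//recidivism-apostrop[.]000webhostapp[.]com/"]

URL_RE = re.compile(r"\bhttps?://\S+", re.IGNORECASE)

def refang(indicator):
    """Undo common defanging (hxxp, [:], [.], (.)) so the value can be parsed."""
    s = indicator.strip()
    s = re.sub(r"^hxxp", "http", s, flags=re.IGNORECASE)
    return s.replace("[:]", ":").replace("[.]", ".").replace("(.)", ".")

def host_of(url):
    """Lower-cased hostname without a trailing dot, or '' if the URL has none."""
    return (urlsplit(url).hostname or "").rstrip(".")

def find_hits(log_text, iocs):
    """Return (line_number, user, url) for requests whose host is an IOC host."""
    bad_hosts = {host_of(refang(i)) for i in iocs}
    hits = []
    for n, line in enumerate(log_text.splitlines(), 1):
        fields = line.split()
        for url in URL_RE.findall(line):
            if host_of(url) in bad_hosts:
                hits.append((n, fields[1] if len(fields) > 1 else "?", url))
    return hits

def sample_log():
    """Constructed proxy log (not real traffic): time user method url status."""
    host = host_of(refang(ADVISORY_IOCS[0]))
    return "\n".join([
        "2021-06-10T09:14:02Z alice GET https://accounts.google.com/signin 200",
        f"2021-06-10T09:15:40Z bob GET https://{host.upper()}/ 200",       # case variant
        f"2021-06-10T09:15:52Z bob POST https://{host}./login.php 302",    # trailing dot
        f"2021-06-10T09:20:11Z carol GET https://example.org/?ref={host} 200",  # not a visit
    ])

if __name__ == "__main__":
    for n, user, url in find_hits(sample_log(), ADVISORY_IOCS):
        print(f"line {n}: {user} requested {url}")
```

Accounts that appear in the hits, especially on a POST to the phishing host, are candidates for a password reset and session review.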