November 20, 2023
Severity Medium Analysis Summary Agent Tesla is a very popular spyware Trojan built for the.NET framework. Since its initial appearance in 2014, this has been deployed […]
Rewterz Threat Advisory – CVE-2020-2504 – QNAP QES directory traversal
December 28, 2020Rewterz Threat Alert – APT Using Steganography to Spread CobaltStrike
December 29, 2020Rewterz Threat Advisory – CVE-2020-2504 – QNAP QES directory traversal
December 28, 2020Rewterz Threat Alert – APT Using Steganography to Spread CobaltStrike
December 29, 2020
Severity
Medium
Analysis Summary
A spear phishing campaign detected targeting Microsoft’s login page luring users to put up their credentials and playing into the hands of threat actors. This has been a common practice by threat actors to impersonate the login page of Microsoft and these type of phishing activities increase at the end of the year as well.
Impact
Credential theft
Indicators of Compromise
http[:]//printerstudent[.]com/ssl/cmd-login=7b7adf0f2b466d1461eae7dcc85b77d4/
Remediation
- Block all threat indicators at your respective controls.
- Always be suspicious about emails sent by unknown senders.
- Never click on links/attachments sent by unknown senders.