Severity
High
Analysis Summary
A newly uncovered phishing group is targeting big companies around the world. It’s thought to be the first major scam gang of its type operating out of Russia, indicating a potential shift in the cyber-threat landscape. Business email compromise (BEC) scams are a lucrative business for cybercriminals, with organisations losing hundreds of millions of dollars a month after being tricked into sending funds to accounts owned by criminals. The campaign has targeted individuals in 46 countries across six continents. It combines in-depth research on target organisations and their executives with two spoof email chains sent to the victim that touch on current themes, including the coronavirus pandemic. The well-researched and legitimate-sounding emails, designed to look like they come from people known to the victim, might be difficult to defend against, but it isn’t impossible.
Impact
- Credential theft
- Exposure of sensitive data
Indicators of Compromise
Email Subject
- “Discussion today”
- “Discussion today – corporate development”
- “Follow-up discussion”
- “Important – Urgent discussion”
- “Urgent Discussion”
- “Corporate matter”
- “Corporate matter follow up”
- “Corporate matter to resolve”
- “Corporate matter with law firm”
Remediation
- Block all threat indicators at your respective controls.
- Always be suspicious about emails sent by unknown senders.
- Never click on the links/attachments sent by unknown senders.
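One way to apply the "Email Subject" indicators at a mail-triage control, shown as an added example that is not part of the original advisory: it decodes each message's Subject header and compares it to the listed subjects after folding case, dash style, spacing and Re:/Fwd: prefixes. The function names and the sample messages are assumptions constructed for illustration.

```python
import re
import unicodedata
from email import message_from_string, policy

# Subjects from this advisory's "Email Subject" indicator list.
IOC_SUBJECTS = [
    "Discussion today",
    "Discussion today – corporate development",
    "Follow-up discussion",
    "Important – Urgent discussion",
    "Urgent Discussion",
    "Corporate matter",
    "Corporate matter follow up",
    "Corporate matter to resolve",
    "Corporate matter with law firm",
]

_PREFIXES = re.compile(r"^\s*(?:(?:re|fwd|fw)\s*:\s*)+", re.IGNORECASE)
_DASHES = re.compile(r"\s*[\u2010-\u2015-]\s*")  # hyphen, en dash, em dash, ...

def normalize(subject):
    """Fold case, dash style, spacing, quotes and Re:/Fwd: prefixes."""
    s = unicodedata.normalize("NFKC", subject)
    s = _PREFIXES.sub("", s)
    s = _DASHES.sub("-", s)
    s = re.sub(r"\s+", " ", s).strip(" \"'\u201c\u201d")
    return s.casefold()

IOC_SET = {normalize(s) for s in IOC_SUBJECTS}

def subject_of(raw_message):
    """Parse headers; policy.default decodes RFC 2047 encoded words."""
    msg = message_from_string(raw_message, policy=policy.default)
    return str(msg["Subject"] or "")

def flag_messages(raw_messages):
    """Return the decoded subjects of messages that match an indicator."""
    return [s for s in map(subject_of, raw_messages) if normalize(s) in IOC_SET]

# Constructed sample messages (hypothetical, not taken from the campaign).
SAMPLES = [
    "From: a@example.com\nSubject: RE: Corporate matter with law firm\n\nHi",
    "From: b@example.com\nSubject: "
    "=?utf-8?Q?Discussion_today_=E2=80=93_corporate_development?=\n\nHi",
    "From: c@example.com\nSubject: Fwd:  urgent   DISCUSSION\n\nHi",
    "From: d@example.com\nSubject: Quarterly discussion notes\n\nHi",
]

if __name__ == "__main__":
    for subject in flag_messages(SAMPLES):
        print("review:", subject)
```

These subjects are ordinary business phrases, so a match is a reason to review the message and verify the sender through a known channel, not proof of compromise on its own.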