Rewterz Threat Advisory – F5 BIG-IP APM / Edge Client Security Bypass Vulnerability
April 2, 2019
Rewterz threat Advisory – Advantech WebAccess/SCADA Multiple Vulnerabilities
April 3, 2019
Analysis Summary
Various threat indicators have been observed in phishing campaigns dropping malicious URLs. The indicators are provided below.
Indicators of Compromise
URLs
- hxxps[:]//www.healthcity[.]fr/nh/
- beast888.ddns[.]net
- hxxps://www[.]dropbox[.]com/s/m781jltckhtp257/RCN%20CONTRACT%20_MAHALASA%20%20SCANNED%20%20%20CONTRACT%20COPY.ace?dl=1
Email Address
- return[@]theinboxbox[.]com
- tarirk1948[@]gmail[.]com
Malware Hash (MD5/SHA1/SHA256)
- c59800ec71970b7d2e82881acfcd13bc
- 4b0f0146cee0588bca9036954d5939b7
Remediation
- Block threat indicators at respective controls
- Always be wary of suspicious emails sent by unknown senders
- Never click on links or attachments sent by unknown senders
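
One way to act on "Block threat indicators at respective controls", as an added example that is not part of the original advisory: it refangs the indicators listed above, sorts them by type for the matching control, and checks proxied URLs against them. The function names and the host-plus-path matching policy are assumptions of this example.

```python
import re
from urllib.parse import urlsplit

# Indicators as printed in the advisory (still defanged).
ADVISORY_IOCS = [
    "hxxps[:]//www.healthcity[.]fr/nh/",
    "beast888.ddns[.]net",
    "hxxps://www[.]dropbox[.]com/s/m781jltckhtp257/RCN%20CONTRACT%20_MAHALASA"
    "%20%20SCANNED%20%20%20CONTRACT%20COPY.ace?dl=1",
    "return[@]theinboxbox[.]com",
    "tarirk1948[@]gmail[.]com",
    "c59800ec71970b7d2e82881acfcd13bc",
    "4b0f0146cee0588bca9036954d5939b7",
]

def refang(ioc):
    """Undo the defanging styles used above: hxxp(s), [:], [.], [@]."""
    ioc = re.sub(r"\[([.:@])\]", r"\1", ioc.strip())
    return re.sub(r"^hxxp", "http", ioc, flags=re.IGNORECASE)

def classify(ioc):
    """Return (kind, value) so each indicator is routed to the right control."""
    value = refang(ioc)
    if re.fullmatch(r"[0-9a-fA-F]{32}", value):
        return "md5", value.lower()            # endpoint / mail-gateway hash rule
    if "://" in value:
        parts = urlsplit(value)
        # Keep host AND path: a host-only rule for www.dropbox.com would
        # block the whole service, not just the malicious file.
        return "url", (parts.hostname, parts.path)
    if "@" in value:
        return "email", value.lower()          # block the sender, not gmail.com
    return "domain", value.lower()             # DNS / proxy domain rule

def build_rules(iocs):
    """Group the classified indicators into one set per control type."""
    rules = {"md5": set(), "url": set(), "email": set(), "domain": set()}
    for ioc in iocs:
        kind, value = classify(ioc)
        rules[kind].add(value)
    return rules

def proxy_hit(request_url, rules):
    """True if a proxied URL matches a domain rule or a host+path-prefix rule."""
    parts = urlsplit(request_url)
    host = (parts.hostname or "").lower()
    if any(host == d or host.endswith("." + d) for d in rules["domain"]):
        return True
    return any(host == h and parts.path.startswith(p) for h, p in rules["url"])
```

Feed `build_rules(ADVISORY_IOCS)["email"]` and `["md5"]` to the mail gateway and endpoint controls, and run `proxy_hit` over the URL field of proxy logs to find clients that already reached the listed locations.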