

Rewterz Threat Alert – MuddyWaters APT Recent Activity and Indicators of Compromise
April 19, 2019
Rewterz Threat Advisory – CVE-2019-10955 – Rockwell Automation MicroLogix 1400 and CompactLogix 5370 Controllers
April 24, 2019
Severity
Medium
Analysis Summary
Multiple phishing campaigns have been observed as follows:
- Suspicious email in Portuguese containing a malicious URL.
- ACH-themed phishing email that directs to a Microsoft-themed credential harvesting page.
- Maybank-themed phishing email with the subject “Re: RN/190419/003 : RE: error”, containing a malicious embedded URL.
Impact
- Malware Infection
- Credential Theft
Indicators of Compromise
URLs
- root[@]live[.]com
- hxxps://www.careerfirst[.]lk/courses/scripts/pc/?cliente=
Email Subject
- ACH Remittance Advice
- Re: RN/190419/003 : RE: error
Remediation
- Scan for the threat indicators and block them at their respective controls, if found.
- Do not click on links received in emails from untrusted sources.
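One way to carry out the first remediation step against mail-gateway records, as an added example that is not part of the Rewterz advisory: it restores the defanged indicators listed above at run time and matches them against message fields. The record field names (`from`, `subject`, `body`), the block/review policy and the sample records are assumptions constructed for illustration.

```python
import re

# Indicators exactly as published in the advisory, kept defanged in source.
IOC_URLS = ["hxxps://www.careerfirst[.]lk/courses/scripts/pc/?cliente="]
IOC_ADDRESSES = ["root[@]live[.]com"]
IOC_SUBJECTS = ["ACH Remittance Advice", "Re: RN/190419/003 : RE: error"]

def refang(value):
    """Convert a defanged indicator to the form that appears in real logs."""
    return re.sub(r"^hxxp", "http", value, flags=re.I).replace("[.]", ".").replace("[@]", "@")

def normalise(text):
    """Case-fold and collapse whitespace so trivial variations still match."""
    return " ".join(text.split()).casefold()

def find_hits(msg):
    """Return (kind, indicator) pairs found in one mail record (a dict)."""
    f = {k: normalise(msg.get(k, "")) for k in ("from", "subject", "body")}
    hits = []
    for ioc in IOC_ADDRESSES:
        # Boundaries stop the address matching inside a longer one.
        pat = r"(?<![\w.+-])" + re.escape(normalise(refang(ioc))) + r"(?![\w.-])"
        if re.search(pat, f["from"]) or re.search(pat, f["body"]):
            hits.append(("address", ioc))
    for ioc in IOC_URLS:
        if normalise(refang(ioc)) in f["body"]:
            hits.append(("url", ioc))
    for ioc in IOC_SUBJECTS:
        if normalise(ioc) in f["subject"]:  # substring, so "FW: ..." still hits
            hits.append(("subject", ioc))
    return hits

def triage(msg):
    """Assumed policy: URL/address hits block; a subject-only hit is reviewed."""
    kinds = {kind for kind, _ in find_hits(msg)}
    if kinds & {"url", "address"}:
        return "block"
    return "review" if kinds else "clean"

# Constructed sample records (not real traffic); field names are assumptions.
SAMPLE = [
    {"from": "billing@example.com", "subject": "FW: ACH  Remittance Advice", "body": "See attached."},
    {"from": "Accounts <" + refang(IOC_ADDRESSES[0]) + ">", "subject": "Invoice", "body": "hi"},
    {"from": "a@example.org", "subject": IOC_SUBJECTS[1], "body": "Open " + refang(IOC_URLS[0]) + "77"},
    {"from": "g" + refang(IOC_ADDRESSES[0]) + ".example", "subject": "Lunch", "body": "noon?"},
]

if __name__ == "__main__":
    for record in SAMPLE:
        print(triage(record), find_hits(record))
```

A subject-only hit is routed to review rather than blocked because a subject line such as "ACH Remittance Advice" can also appear on legitimate mail.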