Rewterz Threat Advisory – CVE-2020-17534 – Apache HTML/Java API privilege escalation
January 12, 2021
Rewterz Threat Alert – Dridex Banking Malware
January 12, 2021
Severity
Medium
Analysis Summary
A spear phishing campaign has been detected targeting Microsoft’s login page, luring users into entering their credentials and handing them to threat actors. Impersonating the Microsoft login page is a common practice among threat actors, and this type of phishing activity also increases at the end of the year.
Impact
- Credential theft
- Exposure of sensitive data
Indicators of Compromise
URL
hxxp[:]//myworkingthing.h4bd9098ayhcsascvv.workers.dev/
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment.
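One way to carry out the IOC search above, as an added example that is not part of the original advisory: it refangs the published URL, reduces it to its hostname, and matches that exact host in proxy log lines. The log format, the sample lines and all function names are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Indicator exactly as published in the advisory (kept defanged in source).
DEFANGED_IOCS = ["hxxp[:]//myworkingthing.h4bd9098ayhcsascvv.workers.dev/"]

def refang(ioc: str) -> str:
    """Turn a defanged indicator back into a parseable URL."""
    ioc = ioc.strip().replace("[:]", ":").replace("[.]", ".")
    return re.sub(r"^hxxp", "http", ioc, flags=re.IGNORECASE)

def ioc_hosts(iocs):
    """Hostnames of the indicators. Matching on the host catches the same
    site over HTTPS or with a different path than the published URL."""
    return {urlsplit(refang(i)).hostname for i in iocs}

# Finds full URLs and bare host[:port] tokens (e.g. CONNECT targets).
_TOKEN = re.compile(r"(?:https?://)?([A-Za-z0-9.-]+\.[A-Za-z]{2,})(?::\d+)?", re.I)

def find_hits(log_lines, iocs=DEFANGED_IOCS):
    """Return (line_number, host) for each line that references an IoC host."""
    hosts = ioc_hosts(iocs)
    hits = []
    for n, line in enumerate(log_lines, 1):
        for m in _TOKEN.finditer(line):
            host = m.group(1).lower().rstrip(".")
            # Exact host match only: the parent domain is a shared hosting
            # platform, so sibling subdomains must not be flagged.
            if host in hosts:
                hits.append((n, host))
                break
    return hits

# Constructed sample proxy log (assumed format, not real telemetry).
_H = sorted(ioc_hosts(DEFANGED_IOCS))[0]
SAMPLE_LOG = [
    f"2021-01-12T09:14:02Z 10.0.0.21 GET http://{_H}/ 200",
    f"2021-01-12T09:14:05Z 10.0.0.21 CONNECT {_H.upper()}:443 200",
    "2021-01-12T09:15:40Z 10.0.0.33 GET https://login.microsoftonline.com/ 200",
    "2021-01-12T09:16:11Z 10.0.0.40 GET https://example.workers.dev/ 200",
]

if __name__ == "__main__":
    for line_no, host in find_hits(SAMPLE_LOG):
        print(f"line {line_no}: request to IoC host {host}")
```

Any source address that appears in a hit is a candidate for credential reset and sign-in log review, since the page's stated impact is credential theft.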