
Rewterz Threat Alert – Fraudulent Phishing Emails – IoCs

February 21, 2019

Severity

Medium

Analysis Summary

Another malspam campaign has been observed whose emails carry malicious file attachments with malicious URLs embedded in them. The following IoCs have been retrieved from this phishing campaign.

Impact

  • Loss of sensitive information
  • Credential theft
  • Malware infection

Indicators of Compromise

URLs

  • googlex.alibobomoneyman[.]xyz
  • hxxps://www.dropbox[.]com/s/yk7m01jp5xq67bz/confirm_invoice.zip?dl=1
  • voicewaves[.]com/abnow/usa/myway/index2.php
  • voicewaves[.]com/abnow/
  • voicewaves[.]com/verifyab/
  • voicemail-listen[.]com

Email Address

  • linda[@]alliedmortgage[.]com
  • ap[@]voicemail-listen[.]com

Malware Hash (MD5/SHA1/SHA256)

  • cfd7c140e37c9a6ff608205f087b8325
  • 37210ce95cd3faa0a757d67f06d8e4af

Remediation

Block the threat indicators at their respective controls.

Do not download attachments or click on links in emails from unknown sources.
