

Rewterz Threat Alert – Multiple Phishing Campaigns – IoCs
February 22, 2019
Severity
Medium
Analysis Summary
Another malspam campaign has been observed in which the emails carry malicious file attachments that also have malicious URLs embedded in them. The following IoCs have been retrieved from this phishing campaign.
Impact
- Loss of sensitive information
- Credential theft
- Malware infection
Indicators of Compromise
URLs
- googlex.alibobomoneyman[.]xyz
- hxxps://www.dropbox[.]com/s/yk7m01jp5xq67bz/confirm_invoice.zip?dl=1
- voicewaves[.]com/abnow/usa/myway/index2.php
- voicewaves[.]com/abnow/
- voicewaves[.]com/verifyab/
- voicemail-listen[.]com
Email Address
- linda[@]alliedmortgage[.]com
- ap[@]voicemail-listen[.]com
Malware Hash (MD5/SHA1/SHA256)
- cfd7c140e37c9a6ff608205f087b8325
- 37210ce95cd3faa0a757d67f06d8e4af
Remediation
Block the threat indicators at their respective controls.
Do not download attachments or click on links in emails from unknown sources.
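
One way to act on the first remediation step, as an added example that is not part of the Rewterz advisory: it refangs the indicators listed above and groups them by the control that can enforce each one, keeping the Dropbox link as a URL-level rule instead of a domain block. The control names and the `SHARED_HOSTS` set are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Indicators as listed in this advisory, still defanged.
ADVISORY_IOCS = """
googlex.alibobomoneyman[.]xyz
hxxps://www.dropbox[.]com/s/yk7m01jp5xq67bz/confirm_invoice.zip?dl=1
voicewaves[.]com/abnow/usa/myway/index2.php
voicewaves[.]com/abnow/
voicewaves[.]com/verifyab/
voicemail-listen[.]com
linda[@]alliedmortgage[.]com
ap[@]voicemail-listen[.]com
cfd7c140e37c9a6ff608205f087b8325
37210ce95cd3faa0a757d67f06d8e4af
""".split()

# Assumption: multi-tenant hosts that must never be blocked as a whole domain.
SHARED_HOSTS = {"dropbox.com", "www.dropbox.com"}
HASH_TYPES = {32: "md5", 40: "sha1", 64: "sha256"}

def refang(value):
    """Undo the advisory's defanging: [.], [@] and hxxp(s)://."""
    value = value.strip().replace("[.]", ".").replace("[@]", "@")
    return re.sub(r"^hxxp", "http", value, flags=re.IGNORECASE)

def classify(defanged):
    """Map one indicator to (control, value); control names are illustrative."""
    ioc = refang(defanged)
    if re.fullmatch(r"[0-9a-fA-F]+", ioc) and len(ioc) in HASH_TYPES:
        return "endpoint_hash_" + HASH_TYPES[len(ioc)], ioc.lower()
    if "@" in ioc and "/" not in ioc:
        return "mail_gateway_sender", ioc.lower()
    parts = urlsplit(ioc if "://" in ioc else "http://" + ioc)
    host = parts.hostname
    if parts.path in ("", "/") and not parts.query:
        # Bare host: DNS block, unless it is shared infrastructure.
        return ("manual_review" if host in SHARED_HOSTS else "dns_domain"), host
    # Host plus path: block only that URL at the web proxy, not the whole site.
    return "proxy_url", host + parts.path + ("?" + parts.query if parts.query else "")

def build_blocklists(indicators):
    """Group refanged indicators by the control that should enforce them."""
    lists = {}
    for item in indicators:
        control, value = classify(item)
        lists.setdefault(control, []).append(value)
    return lists
```

`build_blocklists(ADVISORY_IOCS)` returns one list per control, ready to be rendered into whatever rule format each product expects.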