Rewterz

Rewterz Threat Advisory – PHPGurukul Directory Management System SQL injection

July 22, 2020
Rewterz

Rewterz Threat Alert – Chinese APT group targets India and Hong Kong

July 23, 2020

Rewterz Threat Alert – IT Help-desk Boys are Back

Severity

Medium

Analysis Summary

A reported phish was seen on 07/23/2020 leveraging a fraudulent IT Helpdesk email enticing users to increase Outlook data limits to prevent email communication disruption. Actors may have connections to Operation Silver Terrier, a Nigerian based actor noted for Credential Harvesting and Password theft.

Impact

Credential theft

Indicators of Compromise

From Email

  • swetlana[.]becker@elkw[.]de

IP

  • 129[.]205[.]113[.]91

SHA1

  • bc03e1780bdc514c9f70ce676eacb5dc2d4b59bb

Remediation

  • Block all threat indicators at your respective controls. 
  • Always be suspicious about emails sent by unknown senders.
  • Never click on the links/attachments sent by unknown senders.

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.