Rewterz

Rewterz Threat Advisory – CVE-2020-2504 – QNAP QES directory traversal

December 28, 2020
Rewterz

Rewterz Threat Alert – APT Using Steganography to Spread CobaltStrike

December 29, 2020

Rewterz Threat Alert – Active Phishing Targeting Microsoft

Severity

Medium

Analysis Summary

A spear phishing campaign detected targeting Microsoft’s login page luring users to put up their credentials and playing into the hands of threat actors. This has been a common practice by threat actors to impersonate the login page of Microsoft and these type of phishing activities increase at the end of the year as well. 

Image

Impact

Credential theft

Indicators of Compromise

http[:]//printerstudent[.]com/ssl/cmd-login=7b7adf0f2b466d1461eae7dcc85b77d4/

Remediation

  • Block all threat indicators at your respective controls.
  • Always be suspicious about emails sent by unknown senders.
  • Never click on links/attachments sent by unknown senders.

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.