Rewterz

Rewterz Threat Advisory – Apache Cassandra directory traversal

December 31, 2020
Rewterz

Rewterz Threat Alert – COVID-19 Pharmaceuticals Continue to be Phishing Targets

December 31, 2020

Rewterz Threat Alert – Fake Microsoft Login Page

Severity

Medium

Analysis Summary

Phishing campaign targeting users to verify their passwords before 31st December 2020 or their account will be locked. This has been an ongoing trend to target user to rob them off from their credentials and use their data for their gains. Users are advised to be aware of these emails and not click on any sort of emails from unknown senders or with subjects that are unusual and not enter credentials on any redirected login page.

Image
Image

Impact

  • Credential theft
  • Exposure of sensitive data 

Indicators of Compromise

Email Subject

Extremity Alert

URL

hxxps[:]//compassoproducaodigital[[.]]com[[.]]br/[.]well-known/OfficeV4/authorize_client_id

Remediation

  • Block all threat indicators at your respective controls.
  • Always be suspicious about emails sent by unknown senders.
  • Never click on links/attachments sent by unknown senders.
  • Search for IOCs in your environment.

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.