Rewterz

Rewterz Threat Alert – Pots Ransomware Campaign – IoCs

March 12, 2019
Rewterz

Rewterz Threat Advisory – CVE-2019-0277 SAP HANA Extended Application Services

March 13, 2019

Rewterz Threat Alert – Two Malspam Campaigns Detected

Severity

Medium

Analysis Summary

Two separate Malspam campaigns have been detected. 

One of the campaigns is a Paychex Themed Malspam dropping the Trickbot malware.

The other one is a Swift themed malicious Loki-ISO Malspam campaign.

Email subjects have been retrieved and given below.

Impact

Trickbot

Loki-ISO

Indicators of Compromise

Email Subject Payment Swift Copy FYR
RE: Tax verification documents

Remediation

Scan for the given email subjects. If found, block the sender’s IP, Email Address etc.  

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.