The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: Emotet, Ice Phishing, Iran, Trickbot and Zoho. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity.
Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.
Trending Cyber News and Threat Intelligence
EvilPlayout: Attack Against Iran’s State Broadcaster
(published: February 18, 2022)
Checkpoint Researchers have released an article detailing their findings regarding a wave of cyber attacks directed at Iranian broadcast infrastructure during late January 2022. IRIB, an Iranian state broadcaster, was compromised, with malicious executables and wipers being responsible for the attack. Said malware had multiple functions, including hijacking of several tv stations to play recordings of political opposition leaders demanding the assassination of Iran’s supreme leader. Additional functionality includes custom backdoors, screenshot capability and several bash scripts to download other malicious executables. The malware appears new, with no previous appearances, nor has there been any actor attribution as of the date of publication.Analyst Comment: Utilize all telemetry and feed it into a SIEM to help identify malicious activity within your network. Anomali Match can collide this telemetry against global intelligence to assist in identifying malicious indicators within your network. A defense in depth approach will also mitigate the damage any compromises can do to your infrastructure.MITRE ATT&CK: [MITRE ATT&CK] Screen Capture - T1113Tags: Iran, IRIB, Ava, Telewebion
..
Support the originator by clicking the read the rest link below.
