I’ve uploaded some unreported #sunburst#supernova samples I found on VirusTotal to https://t.co/UPJykPswBU and for those interested I’ve also submitted other samples (minus size limited ones) from the IOC list to @mal_share
Checkout and download our latest aggregated, curated list of IOCs from a variety of public sources such as vendor reporting and malware repos
#sunburst#SolarWinds#threatintel
To contribute to the overall effort in response to the #SolarWinds compromise, @Anomali Threat Research has published a publicly-available Threat Bulletin of known #IOCs to help organizations defend against the attack. Visit our blog: https://t.co/ZngPgtfpWa
#malXLSX exploiting #CVE-2017-11882 to drop what appears to be #agenttesla
MRKRFQPD-1682020.xlsx
cb57e8bab6e835b5c8a41db0429fb9d4
pars-science[.]ir
INTERIORRAWFILE.exe
3fb45dffb8a667262be92cee09cf5311
#malware#ThreatIntel#ThreatHunting
استكمالاً لتغريداتنا القديمة المتعلقة بحملة Bad Tidings والتي تم التغريد عنها مسبقاً في حسابنا ، نرفع لكم ملف تحليلي لأهم المستجدات المتعلقه بها.
https://t.co/nZyVAX0cjO
Appears to be #AgentTesla delivered via #maldoc exploiting #CVE-2017-11882. #opendir: savemodificationgloballyfromthepinaltypo[.]duckdns[.]org
NEW ORDER NO. SVLG075904.docx
551077ebeb5bc105ffd4b433ed89358a
rb[.]gy
vbc.exe-3a38731d63fc1d7397ea3b7c4bc2c73d
@joakimkennedy@rpsanch