Threat Roundup for June 29 to July 6th


Today, as we do every week, Talos is giving you a glimpse into the most prevalent threats we've observed this week — covering the dates between June 29 and July 6. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, it will summarize the threats we've observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are automatically protected from these threats.

As a reminder, the information provided for the following threats in this post is non-exhaustive, and is current as of the date of publication. Detection and coverage for the following threats is subject to updates, pending additional threat or vulnerability analysis. For the most current information, please refer to your Firepower Management Center, Snort.org, or ClamAV.net.

The most prevalent threats highlighted in this roundup are:

  • Win.Malware.Separ-6598261-0
    Malware
    Separ is spyware that has been delivered via several different spam campaigns. The malware establishes persistence to survive system reboots, and it's able to collect sensitive information by capturing login attempts via a web browser. It disables the Windows firewall if present, propagates and invokes scripts during runtime, and relies on FTP to upload any collected data.
     
  • Win.Malware.Daqc-6598201-0
    Malware
    Daqc is a trojan that collects sensitive information from the infected host and exfiltrates pieces of the collected data over time to a command and control (C2) server. It drops several database files and locks files to properly manage the data it has collected or is queued to collect at a future time.
     
  • Win.Malware.Tspy-6598050-0
    Malware
    Tspy is a trojan with several functionalities. It establishes system persistence to survive reboots. It also contacts domains related to remote access trojans (RATs) but are also known to be hosting C2 servers that send additional commands to the malware. The samples are often packed and contain anti-debug features intended to delay manual analysis.
     
  • Win.Malware.Fareit-6597973-0
    Malware
    Fareit is a trojan with a significant history associated with malware distribution. It is mainly an information-stealer and malware downloader network that installs other malware on infected machines.
     
  • Win.Malware.Razy-6596077-0
    Malware
    Razy is oftentimes a generic detection name for a Windows trojan. Although more recent cases have found it attributed to ransomware that uses the .razy file extension when writing encrypted files to disk, these samples are the former case. They collect sensitive information from the infected host, format and encrypt the data, and sends it to a C2 server.
     
  • Win.Malware.Zusy-6596071-0
    Malware
    Zusy is a trojan that uses Man-in-the-Middle attacks to steal banking information. When executed, it injects itself into legitimate Windows processes such as "explorer.exe" and "winver.exe". When the user access a banking website, it displays a form to trick the user into submitting personal information.
     

Threats

Win.Malware.Separ-6598261-0


Indicators of Compromise


Registry Keys
  • <HKCU>\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN
    • Value Name: lodhgyuuuf
Mutexes
  • 716BCAD1::WK
  • DILLOCREATE
  • 4C0::DA783779D0
IP Addresses
  • 198.23.57.8
Domain Names
  • ftp.freehostia.com
Files and or directories created
  • ZREA.vbs
  • nimiki09.vbs
  • enikiol03.bat
  • enikiol02.bat
  • BReader.exe
  • %AppData%\Local\4Adobe\4low
  • %AppData%\Adobe\Adobe INC\AadobeRead\BReader.exe
  • %AppData%\Adobe\Adobe INC\AadobeRead\Adobeta.exe
  • %AppData%\Adobe\Adobe INC
File Hashes
  • 09ebe700700a0e5e49d994093786f6c1bc9d3c400edc94b31693ef5961250d81
  • 12e2ba4b4a310edf9cd97405541565e20d9ea6259d86d96a36fc8b676babb228
  • 14c4a3fd18cad81c55ff4aa192803b748d8810900602c89c26114eb80c9db988
  • 198f46e81e496d6bbe573c21eff095f102d0afa877a51d3de30a2b21f90ed179
  • 21d006b8f12a6b2e3126f3a6cef4f621c314a9dc21be6ffe51950f816f6a88c9
  • 273436ba78c9973251e48bc2eb7771ded5ce3f9183d798d4663672f54ffeb2e2
  • 2b05da4dbfe7ffb80c08383d75e79cc93cf22b6b4a4ad1964f360d1a77a2e9ae
  • 2d8fb96ba74ce2f9f9e8030c4c62606d1fea677cd845f96ee8191250d76f1943
  • 354cf3031b2679f885969746afef780bb1765b0f32613afb6490d5e60b7fe6bc
  • 3ed4b85af6b20e6c2a2b1dba1f76f9e2fae9e8664a0b21cfc77b75fc7b585168
  • 3ef31d4a0bccee0994a4ee525b679da1fd2664f3d96d20371297f6f6645a2ced
  • 3f735ba16d51af841f5a48c9be5a2cb004df275c71cbbdd3497bfe34460f9c93
  • 403d91b31d44acb4a67b5b0dd7679971bedc722244f1b705adfa095632d18cf3
  • 47cd0d0181ae2d2fee85ca67b26fb4366fd44e0391f4c81e7aee2de82de2e87c
  • 4c76b5e7ad6242df21d5dc2094d4dbf6d7ab551d2055844ddb0188d410a02dbd
  • 54ad6cdb5dbdbc93f70e0e69d3e98503e96ae407de19c0d1fb3f4e0d3147e0e5
  • 5c36e8d71fa4060e98d3c6274d7332af963e0f41e3d2eef9eb0b5d96554cb94b
  • 5e43fa2988b68c9c066fe804167a9a0a0e82537359771060f894ee295c1164b4
  • 61540809d55eaa23ba0ac82ff4b530823c93fbc8e7097ccaeb8329e0eb1e48c1
  • 6d7019e4f1e02713046fedb121d15c9a423b8502e792ff42c7896c3b4d9f826d
  • 6f13c5e83ae42cbb755a44c3c45075043983d0eba2846b63442471577bdf6a98
  • 6f9c0cb13cb611de6697837c7dcdcc2899d8497e55258a2a26a41b26e5e7a8de
  • 7115ea1ab97a7187b2a1bb6936fe3df44bc754ec06f70c9f880d9787e605ea60
  • 76a98ee8f9ff749ea39acd024859ea991b2b43e79e37cb131a1a53be614bd753
  • 79789706985bcb5afeffed63805994cbe09966da0544e18a0a059a57064d7039

Coverage


Screenshots of Detection

AMP
ThreatGrid
Umbrella

Win.Malware.Daqc-6598201-0


Indicators of Compromise


Registry Keys
  • <HKCU>\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage2
Mutexes
  • N/A
IP Addresses
  • N/A
Domain Names
  • necter7.ru
Files and or directories created
  • %AppData%\mvsh\sghbn.exe
  • %AppData%\Microsoft\Windows\Start Menu\Programs\Startup\mvsh.vbs
  • %AppData%\D282E1\1E80C5.lck
File Hashes
  • 00c8e16c0153a40945b77692bbc28d765e6fc1a5d7100ff67dc7d4a3cf7c250c
  • 011e0b204c466885b489a18062a763a3eab681d1f6d3ddc7584ad89429935664
  • 0681fbcb805b64a7a85ad6883e8c66af4d1cbd0cbc983e8c7c57868885c8eddb
  • 0a0c092a8a390432b9b31b8d7cc9b4780fad2b8878d0bcfdda09f7f9322b1004
  • 1bc4781824a84300edc2f1fa97e42cddce96b273c09fda794f9e30a44ae4c6d5
  • 273c7bc44acc510531dafb34a25aa0463ce28c262c360596f2387f0b3067c0fe
  • 2a63210f0832f22ff67bc5333c3e2f8e327c6353920d6d687c1dec8558e50a83
  • 2a9be0b39fc7f3cd3214ba6854699e6857ba853b175b98d0fe10e151dbce9f4e
  • 2ce787599acee9837624bfa274d04e659ac1fba27a200e451d8369025a3c3b02
  • 331dd1d9b1f53c72bb628913a0d173eb701cdf68de713c1b94bcfef1be8be8f1
  • 36dcfa6c8cb09c85d25b9cfc4ff655a6b7d4ad77b4f75107734e956b2c0c4c52
  • 4278d609c70419e054b5d514e847f05d9e854a6f67c8ca4a17ce02f14d18980e
  • 43957c1ffbb1ae837e2fe6d97603fa0c686f131beebe5c8c17e9c384bd2e5d9d
  • 46a603905dda179887be97eb0894c408613857261d275056d46aa174d1063888
  • 49560519bd1ad245ebcf596fa867db44f5460a4b6e952393c222169fae3458c1
  • 5309ac8962997edc05e88bc99f259d4a0788f08ed0ab92bfeb2075410a0f53ce
  • 60140f334d05733c9e80ec951bbf57d2355e7421197806f3e5373d87feebaca8
  • 69079ab9bf5475c7f561a849a191228e7583c7000f56623f4c2824399ab5fadf
  • 748374631d589f14126473dee5faabbb03de6f436be9ba1f4e9db4a43ad5f335
  • 7ce2a8377d841c6c35b4af7b97df7e1edf41d519026090439b0fce83ed94237e
  • 7f2167ad8d2c8523477e5c89bff7e43c4aaa63bb67738c99f3dcf699f5d23878
  • 87e4364c1075f01bbb5d2e71532eafa03319925cc76a81175f1939e865d73a22
  • 8ded9c78e10011fcc6fd9c7501b54510d64be29ea7a9512018d22a43f9e3b5be
  • 8f6841a0f19f1626723f297a3ada097342ff10b6f4242e48e3b14c8528381de9
  • 9cd31bad005306e5586bd20d5c027d15bd2bdc0f904f3f839309a25c30ffe417

Coverage


Screenshots of Detection

AMP
ThreatGrid
Umbrella

Win.Malware.Tspy-6598050-0


Indicators of Compromise


Registry Keys
  • N/A
Mutexes
  • 3749282D282E1E80C56CAE5A
IP Addresses
  • 31.220.56.187
Domain Names
  • N/A
Files and or directories created
  • \PC*\MAILSLOT\NET\NETLOGON
  • %AppData%\D282E1\1E80C5.lck
  • %AppData%\D282E1
File Hashes
  • 014e34668fdca31f2a599d3fc772fa60893b2790227fe283b6ed73fe207ab091
  • 09df166cabf8e547ba597ece2efac55626fc5148dceacfa85da87bcb4753376e
  • 2b6b2a20912a1d906b374ab10fb6c4ae4d0b3509b5f22543357372ec58e0ebed
  • 3be01ef8167c8be00af7e4c5d6fff6a7429cf31094074fbe9cf2565b4cb67d5b
  • 3f3ff0bfd3eb8ea896a5eaf39c95799124d5e48c892428a1c33395b53fb99d34
  • 4ba249143540292a58750d78c60baaf1903b0bdb4b39447a7cc75e933ba4d360
  • 4ebbaeb26cc27b394e81fd2c361fc21d8ec2bcebd120d2e23b3ab8de09c6de89
  • 4fc79ecb69c7fca766f4da8fbe6c20d35cf45c56fa79dd2599a086683f495c12
  • 51ee89debd42065508888bd475221990c00213e711b9f835768b6c10ff69526b
  • 5548a1dd962ff1c290b39ca973922fe0f4b6906a9ee89504ee935ba71cf41138
  • 572b052bb1eda202ebb968e4c652ccd6b5dc3bb749c3cea41620f095a1ac5192
  • 5a14367912fffeae4298445fb401777c000e8b3fb30bfd148156107b10225b01
  • 617aeefe2f7f063a48b968dc4f08d1ba11165f08a220e802b23ef7dfa80c5e40
  • 66d4fc50ab34bafc66090beccca49fb1cdc59051201f9908836e8ef0b212957a
  • 68b943af3db8015deaf948718711ce477934ded7b26818bc284541744005b89e
  • 6ebd3a5c153e185cbf3aac1e4e8724cece65990726bd75cb3182e40510a27db3
  • 807f1c87820ce553653f29c4cd4aa6bdb12007bdddfb78cc7646a61b7be52a52
  • 80e118cfbd1c4af5658bea2f9d0ab233f015e0add74ca766fde4b9f208db462c
  • 86579c2189c128a9c858acfeb60139323fe01398cee2de6d2fa7e4ef92e937a5
  • 8aca4e49934582ff2db33c822b0d4d32d2623638485df2d8069dcf5572c0d931
  • 90f20d1e2b755846fae5465a086b93937a641cfb4a3337794d5c6dab6f927ea5
  • a2c8af1f4b90fbd2db57433f99f8680df4b529e5580c7d951a48effe8b0783a5
  • aba1625cf886e5ec14860510648e77b4df66b81f6b01ca5627ee376f1c6e203b

Coverage


Screenshots of Detection

AMP
ThreatGrid

Win.Malware.Fareit-6597973-0


Indicators of Compromise


Registry Keys
  • <HKLM>\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN
    • Value Name: J2UXTX7H4BT
Mutexes
  • AE7ED74491CA89C0FD1212B015FD0F24
  • 922ORSE7XC24WH0Z
  • 8-3503835SZBFHHZ
IP Addresses
  • 98.124.199.96
  • 50.97.212.250
  • 38.18.228.192
  • 23.247.23.36
Domain Names
  • www.understandinggod.faith
  • www.ethmined.com
  • www.yyphg8.com
  • www.dariomatamoros.com
  • www.ecomepiphany.com
  • www.enarhcxx.com
  • www.ferertya.com
  • www.rgpclaw.com
  • www.starcarpetcleaningpros.com
  • www.available2.info
Files and or directories created
  • %LocalAppData%\Temp\rhvh0.exe
  • %AppData%\922ORSE7\922logrv.ini
  • %AppData%\922ORSE7\922logri.ini
  • %AppData%\922ORSE7\922logim.jpeg
  • %AppData%\922ORSE7
File Hashes
  • 06700dc880f285572c711fc4adfce57045158ed481d2effca8f4bd07a46ebc6e
  • 24e59d09af4f3ff5fb90ad6468c6e5a03dff284cf28b09f63602e59c17c96c70
  • 2ddc6c4ecf32333927cc32169eb0c291ff3265ff979b6436ce8650072214b58b
  • 328261b4d00e03b8ff7572b1e24b5caf5216579007105761a71207eb31a052d9
  • 466d77d24f1efc960036ec58173872a99a91eb5862bf11079de7dacdfe149926
  • 4706ebc86e7d1e2a179ceeed68948948b1dc864d41b0362e5c69796a674e8429
  • 49cba36aadf7d8d9fae0b76aa465a0d0dc8d24ce4b5325acd6850140d632872a
  • 56d6c66c01fc39a1522a0faa2dbc8d63df17b058fe5bc61a042a727fb156a16d
  • 5c3b4262b04a7b092481019181967ecd4dfe7428845c5f2320fea0960e321f64
  • 5e0c32b0a8425ea362554fa58dfea23c6410aec3c02200ba9fa5ebf04a2f6853
  • 6324c7d1a57f57b9407c78cfdcfd0c60115389b56953ccbd0cc450d616cd6be3
  • 6630e3c3efa79e74d3974abca99c7b6b2260e271b17e87875d3939425c649705
  • 7ff5dc962d9d73109f54ab6dfc7b3242f560f8758fb683070a5ce8a3d3d5bfd5
  • 9d070ad80ebdd96767fef1b1478037125726f70602924bb400128db3765ab8b8
  • a14660359321c5cc109e2ea0cd8effa8efb913d035c7d2aa85a9d7fb72914e0d
  • ab6550747aa04bd64e002fb84f2fb1a9c3d267328f9b4475c31b5e8e41a2197b
  • b6aae639a221efc5c4fb234e554e6123e27e19e90180f22826902d1a61a55eda
  • c37614c78fca54274fdc1d6958ddae14a833791eac9ca1fe2eb6d86f27589936
  • c47de79387cae47c50619e921a182de369f4552a44f447f30777d6dc4dde12de
  • c50019481f97c3b97b4155f06484e90ed2980583efd9146a981f598301802134
  • cb10d039bd219f5fce8ee71a0e447ee1f7a59413613db2efb898314159912a7e
  • d259365b6e3d0f313b5dd634600869f68b3460a4e8acac6f0306ff152cd44340
  • d56c7bb7b58cc99668118ef277a62b85161360546500c12e5ea2f721b456d65f
  • d6e9ec4bea5aff79aead3c25e17f3708aabb9aaf797f9752d10d4e84a7f87151
  • dba3edee7d56ed9cce110b3a172e607639dcb18901a78c8d5721c4f21acd43cd

Coverage


Screenshots of Detection

AMP
ThreatGrid
Umbrella

Win.Malware.Razy-6596077-0


Indicators of Compromise


Registry Keys
  • <HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
Mutexes
  • WmiApRpl_Perf_Library_Lock_PID_968
  • Windows Workflow Foundation 4.0.0.0_Perf_Library_Lock_PID_968
  • ServiceModelOperation 3.0.0.0_Perf_Library_Lock_PID_968
  • PerfNet_Perf_Library_Lock_PID_968
  • Outlook_Perf_Library_Lock_PID_968
IP Addresses
  • 107.180.26.90
Domain Names
  • asli-id.com
Files and or directories created
  • %LocalAppData%\Temp\Ph4.exe
  • %AppData%\K-Mart Corp\K-Mart Corp.exe
  • %AppData%\K-Mart Corp
File Hashes
  • 058f2a286b9dbce25b14efa7a4321505d443a97c11d773024b2e222c54894dfc
  • 0931d88de9c4a7af4484d1a2285f001512c83a721d6e7d9177d6fa3c9c2ff494
  • 0c1609585500a71c55999ca82ff617cf209e09ef640d35d8b334bc0949e1f5c1
  • 0d4b4e859ba805e854df7f44c31745e554275b9c36997c0516b5acad4a29c739
  • 232b077e1df7e90f39f92200c9424918eff1c34d2adf98befb28a2cc664e133c
  • 2f670ff3dd609f23f4c7213a20e5f87e01d1895c08045b7ff70b746b11d7797e
  • 32d5a8609132a6619c27d5da066d6cd0c01ede44e23ae88b3e1a94c31264a2b0
  • 385ebc30d9bf602ce39b8b2d7d09787fd859fca5391f7e282f9a57fb1a7792fc
  • 3b65e590fbd2be761a6cbe540c680d63358dddfc838acd3164a1580dfa3782c6
  • 3f0ce29604df46a478183cba3fe075ac92fbc70221b7163833c9bab62b216aae
  • 40b9d27d3e3e78e52c5df9a060126d0111e6337e86e50962cce38c814ce0c365
  • 419c206b2701529e1475fafde37adad222eceef28a5b6b0ba1e34232ec3e95bd
  • 447ab1be7b297d6b592cbad8f6c35cb269e25c817d6900726fd131234427b898
  • 5cd16c9b64a18d8b8852c0e113b3347e630518e2c034ee8ecdf11c048a5e82fd
  • 5d97798b9fbc7692c9dbcfb0643da0de491b36e2e0cf51060254a2dd6238ea62
  • 608b6dad966c287cdb214acc6883a7bbbb2a0bb12f0dae2a4eaea451186aa899
  • 61ac9dae3f72b71a6128af5207f00d2e48243423596fde881811e5525a53d509
  • 63d3cf1bbf4e3352033506d7feccd4366361b0ccccf6efc7d1bde38593f396dc
  • 6cba1c23e95028056557db02a25d81a6882ca381f44153b338a8fb028f5a81d1
  • 72f3289960744faf657f7f84e98d8f1da3576451aa23f3813e00fcf956920cb1
  • 73f6dee570c360d0b2c6b4f1669aadbe1fda320838f80c8ffa030ba3b6f61738
  • 751269d78fdf8e244295d87a76a839b15672f5d0e6e7bc62cdd31f1deb5c0fa5
  • 75bdd5417105c495fd111bcaafcbed1f37a1e77c64d788f5884df5018c82a4e6
  • 760a2cb6fae52b26406a38e6a93952d2162c27c6712842c8d125685b2b540264
  • 79cd4f4accadc3edcfa90b11b19e56fa4a6a6a5150c3e2f9a467154523ff1870

Coverage


Screenshots of Detection

AMP
ThreatGrid
Umbrella

Win.Malware.Zusy-6596071-0


Indicators of Compromise


Registry Keys
  • <HKLM>\Software\Wow6432Node\Policies\Microsoft\SystemCertificates\CA
  • <HKCU>\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN
    • Value Name: internat.exe
Mutexes
  • Sandboxie_SingleInstanceMutex_Control
  • Frz_State
IP Addresses
  • 47.74.230.86
  • 176.9.193.212
Domain Names
  • ffmovne.top
Files and or directories created
  • %LocalAppData%\Temp\Non-resident RunPE Loader(1).exe
  • %LocalAppData%\Temp\flashplayer30_xa_install(2).exe
  • %LocalAppData%\Temp\upd63bc908e.bat
  • %LocalAppData%\Adobe\83474DC8-60A7-4AE9-9182-F2D369E40051
  • %AppData%\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\bookmarks-2017-10-03.wyz
File Hashes
  • 00c8d056d3fef3bba3eb185bd837c1fd051376a7e22356a4a82f38f8974cc387
  • 0662906a29d782593e50f6e39dadcf45219ab7265c920406460b77c3501c5413
  • 0744a0cf29c89debc833f46ff72954a860a3e01e1c7b22655e82c5b54bde1158
  • 0864a2254013f1a9d642fe0bf2ecc7ab04933660e2dcf2198e348115b743b422
  • 09df2594832182d1a80285cae34d488db1bed8206e962d20a5f59e78439a70f1
  • 0d16cfb1916b5c969b8ffada7ccbcbbdabe8d479ad713f57f939c47b42150bd5
  • 0eb0e116cd371b7b2b8464056f386a67894525ac7f195d76e45dad6d03ba5c60
  • 18fccd80b2d4b1052db0ce9873204c9a607faae9b69a89013f12423ce01b2aec
  • 1956f981e134f4f3967f6e6c4c5ba5890cf06589e3556466a19c63105fd8b0e1
  • 19e65a425ba57b23ba1238d268335396b245d1393527411a61b46ddfb1a50531
  • 1a42b7494191af666910b9b1c60af40eacd06e7444dd8e01bc4d932134622269
  • 1bdb9eb3a95b52e1833ee7d48c69b3d07134d91c71214637d7a3947582ee5ea0
  • 1f918795596a888660a6ea88157fb86c38c533e4d57a6105801c80abd5ea0008
  • 207b7eab5d6d8bb1e91e188a4c7e6a9d60b5312c5505a0183918b81e83aa63fb
  • 21a48b04e16128278123f694574009104f2d5a8364c38de4cdd52259bf1ee1dc
  • 23cea222de3f0a61da1046f08c77063edb20d9d89add0ab77849909f853d9cf9
  • 23f20614cf3dae1ecfd6291f90cca1645ab4784d449e642dd170cd3e552b24ee
  • 2c224bb1f73819ab08c1a79f553cb348ab9d460fe16ce5950c81d77cba801ada
  • 2cbc5d0f6342db2c3a1af4fc943c69c986b73bd4ed36b69cbbbe89d40c00179c
  • 323e82e0a8fe16b671aab982297a8e22358fdf6aff8d1a6d19f6f401ea24a024
  • 32f0012d9609b9e4bd78838e7f53d4d929174e64ba898ea1b5cd747771ec3862
  • 35a6fe0d09b87c7098e5acd2e23ad034ae7205816a27fd292d940e2b5fb31c57

Coverage


Screenshots of Detection

AMP
ThreatGrid
Umbrella
Tags: ,,,,
Share: Email, ReBlog, Twitter, Facebook, Pinterest, Google+
Newer Post: Newer Post
Older Post: Older Post
Date:
Edit this post

Discussion

Powered by Manual Template
Name

.NET 0-day 0day ACDSee Adobe advisory adwind AMP Android Antenna House antivirus apple APT arbitrary code execution Attribution Automation Bahamut BASS beers with talos bitcoin Bitvote Black Hat botnet Brazil BRKSEC-2010 CASC chrome cisco Cisco Live Cisco Security Clam AV ClamAV Cobalt group code injection command injection conferences Coverage cryptocurrency cryptomining CSV CTA CVE-2016-8610 CVE-2017-0199 cve-2017-11882 CVE-2017-5638 CVE-2018-3857 CVE-2018-3858 CVE-2018-3859 CVE-2018-3860 CVE-2018-3870 CVE-2018-3871 CVE-2018-8506 cybercrime dark cloud DDE Decryptor Def Con detection dispute DOC DoS Excel Exploit exploit kits RTF fast flux Flash formbook Foscam Foxit Fuzzing gandcrab google GoScanSSH gozi gplayed GravityRAT Group123 Hangul healthcare HWP Hyland IcedID ICS IDA Pro IMAP incident response India inesap infostealer intel iOS IoT iot malware iPhone IR isfb jRAT JScript kernel mode KevDroid Korea Linux macros MalDoc Malware Malware Analysis Malware Research MDM meltdown meraki Microsoft Microsoft Patch Tuesday Middle East miners mining mobile device management monero Moxa ms tuesday natus NavRAT new router malware NordVPN North Korea nvidia Office office router attack Olympic Destoryer Olympic Destroyer Olympics opsec password stealer patch tuesday PDF phishing PhotoLine PLC podcast pony Powershell privilege escalation ProntoVPN PTEX PubNub PubNubRAT py2exe Pyeongchang pyrebox python Qatar ransomware RAT remcos remote access tool remote code execution research research spotlight reven ReversingLabs Rocke Rockwell Automation ROKRAT rootkit rtf ruby ryptoShuffler samsam samsung Scriptlets security updates sennoma signatures SimpleDirect Media Layer smartthings Smoke Loader Snort Snort Rules Sony South Korea spam spectre spyeye stealer steam struts support Talos TALOS-2017-0507 talosintelligence.com telegrab telegram Tetrane Thanatos ThanatosDecryptor threat intelligence Threat Research Threat Research Summit Threat Round-up Threat Roundup ThreatGrid threats TIFF trickbot trojan TTRS Umbrella ursnif VBScript VMI vpn filter attack VPNFiler VPNFilter VPNFilter malware vuln dev vulndev vulnerabilities Vulnerability vulnerability analysis Vulnerability Report Vulnerability Research vulnerability spotlight vulnerabillity vulnerable routers Whitepaper Windows WindowsCodecs.dll wipers xamarin XSS
false
ltr
item
materialize material: Threat Roundup for June 29 to July 6th
Threat Roundup for June 29 to July 6th
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgiIBou0gQC8J1Kiv3LY5d-uRzw56rCyy1JYC8fr-cKQ-A2HDPU2s7lfxD9bmAn89J9rQCEgVuTvi3FlEjJJC64_ml1ZtV6v4hwfG_hVajlx8QKRuP4tvoTA-PXmqBg9qVlg_AsD5KiOwT8/s640/threat_roundup_logo_v2+%25281%2529.png
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgiIBou0gQC8J1Kiv3LY5d-uRzw56rCyy1JYC8fr-cKQ-A2HDPU2s7lfxD9bmAn89J9rQCEgVuTvi3FlEjJJC64_ml1ZtV6v4hwfG_hVajlx8QKRuP4tvoTA-PXmqBg9qVlg_AsD5KiOwT8/s72-c/threat_roundup_logo_v2+%25281%2529.png
materialize material
https://materialize-material.blogspot.com/2018/07/threat-roundup-for-june-29-to-july-6th.html
https://materialize-material.blogspot.com/
http://materialize-material.blogspot.com/
http://materialize-material.blogspot.com/2018/07/threat-roundup-for-june-29-to-july-6th.html
true
1816414542238562206
UTF-8
Not found any posts Not found any related posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU Tag ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Contents See also related Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS CONTENT IS PREMIUM Please share to unlock Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy