Threat Exchange Network blog: March 2018
The Blueliv Threat Exchange Network is a global community of thousands of cybersecurity experts, IT professionals and academics. Each month members publish the latest news, threat data, IOCs and more in order to improve resilience and accelerate incident response. Members can create their own intelligence feed for free by exporting these IOCs via our API and numerous SIEM plugins.
The fight against cybercrime is a collaborative effort. Here you’ll find some of the top posts from our Threat Exchange Network over the past month.
Join for free today – in addition to fresh intelligence, members also have access to our automated elastic sandbox and real-time cyberthreat map, including details on active crime servers.
A new Android malware family was recently discovered, masquerading as several different legitimate Android apps. The family has been dubbed “HenBox” due to its metadata, including package names and signer details. [226 IOCs]
A Flash Player zero-day flaw has been discovered in Flash Player 18.104.22.168 and below. The South Korean Emergency Response Team (KrCERT) found the flaw distributed via malicious Office documents containing the embedded exploit. [13 IOCs]
Turkish, Pakistani and Tajikistani organizations have been targeted by a campaign that bears some similarities to MuddyWater, which hit various industries in the Middle East and Central Asia. It was called MuddyWater due to difficulties in attribution. [50 IOCs]
McAfee confirmed that Hidden Cobra continues to target financial and cryptocurrency organizations. Analysis observed the return of its Bankshot malware implants in the Turkish financial system. [8 IOCs]
Our community is growing daily – become a member for free and earn recognition for your contributions to the Network.