Threat Exchange Network blog: April 2018

The Blueliv Threat Exchange Network is a global community of thousands of cybersecurity experts, IT professionals and academics. Each month members publish the latest news, threat data, IOCs and more in order to improve resilience and accelerate incident response. Members can create their own intelligence feed for free by exporting these IOCs via our API and numerous SIEM plugins.

The fight against cybercrime is a collaborative effort. Here you’ll find some of the top posts from our Threat Exchange Network over the past month.

Join for free today – in addition to fresh intelligence, members also have access to our automated elastic sandbox and real-time cyberthreat map, including details on active crime servers.

Drupalgeddon2 (SA-CORE-2018-002 / CVE-2018-7600) – an analysis of payloads observed in the wild

A few weeks ago, a highly critical Drupal vulnerability dubbed Drupalgeddon2 (SA-CORE-2018-002 / CVE-2018-7600) was discovered and patched by Drupal developers. The flaw permits remote code execution (RCE) without user authentication and affects Drupal core in versions 7 and 8, as well as the unmaintained version 6. [30 IOCs]

Ransomware XIAOBA Repurposed as File Infector and Cryptocurrency Miner

Currently, cryptocurrency miners are heavily used by malware across a variety of platforms and servers. Payloads are modified by malware creators to maximize profit, which these days includes the addition of cryptominers into their arsenals. [8 IOCs]

Kaspersky Lab Detects Roaming Mantis Attacking Smartphones in Asia

Kaspersky Lab researchers have discovered new Android malware distributed through a DNS hijacking technique and targeting smartphones, mostly in Asia. [39 IOCs]

Our community is growing daily – become a member for free and earn recognition for your contributions to the Network.
