Threat Exchange Network blog: March 2018

The Blueliv Threat Exchange Network is a global community of thousands of cybersecurity experts, IT professionals and academics. Each month members publish the latest news, threat data, IOCs and more in order to improve resilience and accelerate incident response. Members can create their own intelligence feed for free by exporting these IOCs via our API and numerous SIEM plugins.

The fight against cybercrime is a collaborative effort. Here you’ll find some of the top posts from our Threat Exchange Network over the past month.

Join for free today – in addition to fresh intelligence, members also have access to our automated elastic sandbox and real-time cyberthreat map, including details on active crime servers.

HenBox: The Chickens Come Home to Roost

A new Android malware family was recently discovered, masquerading as several different legitimate Android apps. The family has been dubbed “HenBox” due to its metadata, including package names and signer details. [226 IOCs]

Hermes ransomware distributed to South Koreans via recent Flash zero-day

A Flash Player zero-day flaw has been discovered in Flash Player and below. The South Korean Emergency Response Team (KrCERT) found the flaw distributed via malicious Office documents containing the embedded exploit. [13 IOCs]

Campaign Possibly Connected to “MuddyWater” Surfaces in the Middle East and Central Asia

Turkish, Pakistani and Tajikistani organizations have been targeted by a campaign that bears some similarities to MuddyWater, which hit various industries in the Middle East and Central Asia. It was called MuddyWater due to difficulties in attribution. [50 IOCs]

Hidden Cobra Targets Turkish Financial Sector With New Bankshot Implant

McAfee confirmed that Hidden Cobra continues to target financial and cryptocurrency organizations. Analysis observed the return of its Bankshot malware implants in the Turkish financial system. [8 IOCs]

Our community is growing daily – become a member for free and earn recognition for your contributions to the Network.
