OSINT Threat Report: Ursnif and Gozi Malware on the Rise - Week of 4/23/19

Welcome to our OSINT Threat Report, a weekly digest of trending threats reported by TruSTAR platform users. Related posts here.

 

Ursnif and Gozi Malware on the Rise

Though tracked separately in our platform, Ursnif and Gozi are by far the most-reported malware families from this past week. 

Fileless Threats: Kovter Malware

We're also seeing a rise in Kovter activity. As always, the best advice is to keep your systems patched and to stay vigilant in detecting and blocking malicious spam, since a significant percentage of malware is delivered via email. If you're interested in learning more about fileless threats, Microsoft has a good summary here.

Emotet Still Prevalent

Emotet remains one of the top malware delivery vehicles on the web, and it is used to deliver Ursnif/Gozi among other malware. It is therefore not surprising to see Emotet remain among the top threats seen on the platform. According to @MalwareTechBlog, "last October Emotet began stealing the content of victim's emails and [this month] it appears Emotet is using the stolen emails to fake replies to existing email chains with malware on a massive scale." You can see the latest indicators for Emotet via TruSTAR.

View this OSINT Threat Report on TruSTAR to correlate IOCs with your own data:

View Report on TruSTAR

 

Not on TruSTAR yet? Request a demo, and in the meantime download IOCs via .txt file: 

  Download .txt File
