Good day everyone! The #TransparentTribe, or #APT36, is the focus of today's #readoftheday and it is brought to you by SentinelOne. The researchers provide technical details that show how the group spread the #CrimsonRAT to its victims, what anti-analysis techniques they used, and how they gained persistence! Enjoy and Happy Hunting!
Transparent Tribe (APT36) | Pakistan-Aligned Threat Actor Expands Interest in Indian Education Sector
https://www.sentinelone.com/labs/transparent-tribe-apt36-pakistan-aligned-threat-actor-expands-interest-in-indian-education-sector/
#CyberSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting
Today @ESETresearch identified an active #TransparentTribe #APT36 campaign targeting Indian and Pakistani officials through fake Android “secure messaging” apps in a romance scam, distributing the #CapraRAT backdoor - More at WeLiveSecurity:
Emerging Threats Daily Ruleset Update Summary 2022/11/07
Summary:
9 new OPEN, 18 new PRO (9 + 9): ChromeLoader, SocGholish, TransparentTribe, WinGO\Monitor.go, various Android mobile malware, phishing, and more.
Thanks @MalGamy @0xrb
Please share issues, feedback, and requests at
https://feedback.emergingthreats.net/feedback
Added rules:
Open:
2039744 - ET MALWARE ChromeLoader CnC Domain (istakechau .autos) in DNS Lookup (malware.rules)
2039745 - ET MALWARE ChromeLoader CnC Domain (imenttogethe .xyz) in DNS Lookup (malware.rules)
2039746 - ET MALWARE ChromeLoader CnC Checkin M1 (malware.rules)
2039747 - ET MALWARE ChromeLoader CnC Error (malware.rules)
2039748 - ET MALWARE ChromeLoader CnC Checkin M2 (malware.rules)
2039749 - ET MALWARE WinGO\Monitor.go CnC Checkin (malware.rules)
2039750 - ET MALWARE APT36/TransparentTribe CnC Domain (richa-sharma .ddns .net) in DNS Lookup (malware.rules)
2039751 - ET MALWARE SocGholish Domain in DNS Lookup (course .netpickstrading .com) (malware.rules)
2039752 - ET MALWARE SocGholish CnC Domain in DNS Lookup (campaign .tworiversboat .com) (malware.rules)
Pro:
2852795 - ETPRO MOBILE_MALWARE Android/Spy.Agent.CCM CnC Domain in DNS Lookup (mobile_malware.rules)
2852796 - ETPRO MOBILE_MALWARE Android/Spy.Agent.CCM CnC Domain in DNS Lookup (mobile_malware.rules)
2852797 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.sn Checkin (mobile_malware.rules)
2852798 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.sn Checkin 2 (mobile_malware.rules)
2852799 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.sn Checkin 3 (mobile_malware.rules)
2852800 - ETPRO MALWARE HTML/Fake Password Protected Document Blob Downloader M1 (malware.rules)
2852801 - ETPRO MALWARE HTML/Fake Password Protected Document Blob Downloader M2 (malware.rules)
2852802 - ETPRO PHISHING Successful Twitter Credential Phish 2022-11-04 (phishing.rules)
2852803 - ETPRO PHISHING Twitter Credential Phish Landing Page 2022-11-04 (phishing.rules)
#Snort #Suricata #NSM #Malware #ChromeLoader #SocGholish #Android_Mobile_Malware #Phishing #TransparentTribe #WinGO\Monitor.go
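The ruleset summary above only names the CnC domains (defanged with a space before each dot); the rule bodies are not on the page. As an added example that is not Emerging Threats' code, the script below refangs those indicators, then hunts a Suricata eve.json DNS log for queries to them or to any subdomain of them. The indicator strings and rule SIDs are copied from the listing above; the eve.json lines, IP addresses and timestamps are constructed for the example, and the eve.json field names assume the classic Suricata DNS record layout (`event_type`, `dns.type`, `dns.rrname`).

```python
"""Hunt Suricata eve.json DNS queries for the CnC domains named in the ET
2022/11/07 ruleset summary.  Added example, not Emerging Threats' own code.
Indicators and SIDs are copied from the rule names; log lines are constructed."""
import json
from typing import Dict, Iterable, List, Optional

# Indicators exactly as they appear (defanged) in the rule names above.
DEFANGED_IOCS: Dict[str, str] = {
    "istakechau .autos": "ChromeLoader CnC (2039744)",
    "imenttogethe .xyz": "ChromeLoader CnC (2039745)",
    "richa-sharma .ddns .net": "APT36/TransparentTribe CnC (2039750)",
    "course .netpickstrading .com": "SocGholish (2039751)",
    "campaign .tworiversboat .com": "SocGholish CnC (2039752)",
}


def refang(domain: str) -> str:
    """Turn a defanged name ('foo .bar', 'foo[.]bar') back into a real hostname."""
    return domain.replace(" .", ".").replace("[.]", ".").strip().lower().rstrip(".")


IOCS: Dict[str, str] = {refang(d): label for d, label in DEFANGED_IOCS.items()}


def matches_ioc(qname: str) -> Optional[str]:
    """Return the rule label if qname is an IOC domain or a subdomain of one.

    The '.' prefix in the suffix test keeps 'notistakechau.autos' from
    matching 'istakechau.autos'; plain endswith() would false-positive."""
    name = qname.strip().lower().rstrip(".")
    for ioc, label in IOCS.items():
        if name == ioc or name.endswith("." + ioc):
            return label
    return None


def hunt_eve_dns(lines: Iterable[str]) -> List[dict]:
    """Scan eve.json records; return DNS *queries* that hit an IOC.

    Answers are skipped so one lookup yields one hit, and non-DNS events and
    unparseable lines are ignored rather than aborting the hunt."""
    hits = []
    for raw in lines:
        raw = raw.strip()
        if not raw:
            continue
        try:
            rec = json.loads(raw)
        except json.JSONDecodeError:
            continue
        if rec.get("event_type") != "dns":
            continue
        dns = rec.get("dns", {})
        if dns.get("type") != "query":
            continue
        label = matches_ioc(dns.get("rrname", ""))
        if label:
            hits.append({"timestamp": rec.get("timestamp"),
                         "src_ip": rec.get("src_ip"),
                         "rrname": dns.get("rrname"),
                         "rule": label})
    return hits


# Constructed sample eve.json lines (not real traffic; RFC 5737 addresses).
SAMPLE_EVE = """
{"timestamp":"2022-11-07T09:14:02.000000+0000","event_type":"dns","src_ip":"10.0.0.15","dest_ip":"10.0.0.1","dns":{"type":"query","id":4711,"rrname":"richa-sharma.ddns.net","rrtype":"A"}}
{"timestamp":"2022-11-07T09:14:03.000000+0000","event_type":"dns","src_ip":"10.0.0.15","dest_ip":"10.0.0.1","dns":{"type":"answer","id":4711,"rrname":"richa-sharma.ddns.net","rrtype":"A","rdata":"192.0.2.10"}}
{"timestamp":"2022-11-07T09:20:11.000000+0000","event_type":"dns","src_ip":"10.0.0.22","dest_ip":"10.0.0.1","dns":{"type":"query","id":4812,"rrname":"www.example.com","rrtype":"A"}}
{"timestamp":"2022-11-07T09:21:45.000000+0000","event_type":"dns","src_ip":"10.0.0.31","dest_ip":"10.0.0.1","dns":{"type":"query","id":4900,"rrname":"cdn.campaign.tworiversboat.com","rrtype":"A"}}
{"timestamp":"2022-11-07T09:22:00.000000+0000","event_type":"http","src_ip":"10.0.0.31","dest_ip":"198.51.100.7"}
{"timestamp":"2022-11-07T09:25:30.000000+0000","event_type":"dns","src_ip":"10.0.0.40","dest_ip":"10.0.0.1","dns":{"type":"query","id":5001,"rrname":"notistakechau.autos","rrtype":"A"}}
"""

if __name__ == "__main__":
    for hit in hunt_eve_dns(SAMPLE_EVE.splitlines()):
        print(hit)
```

Run against a real file with `hunt_eve_dns(open("/var/log/suricata/eve.json"))`. The subdomain match is deliberate: the ET rules key on the DNS lookup of the named domain, and dynamic-DNS CnC such as the ddns.net host above is often reached through additional labels, so a hunt that demands an exact rrname match would miss those.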
Transparent Tribe Mounts Ongoing Spy Campaign on Military, Government - The group has added a management console and a USB worming function to its main malware, Crimson R... https://threatpost.com/transparent-tribe-ongoing-spy-campaign-military-government/158515/ #transparenttribe #vulnerabilities #militarytargets #cyberespionage #spearphishing #cyberattacks #spycampaign #government #crimsonrat #datatheft #malware #usbworm #apt