
Google

Countering threats from Iran


Technical Details

Indicators from APT28 phishing campaign:

service-reset-password-moderate-digital.rf[.]gd

reset-service-identity-mail.42web[.]io

digital-email-software.great-site[.]net

Indicators from APT35 campaigns:

Abused Google Properties:

https://sites.google[.]com/view/ty85yt8tg8-download-rtih4ithr/

https://sites.google[.]com/view/user-id-568245/

https://sites.google[.]com/view/hhbejfdwdhwuhscbsb-xscvhdvbc/

Abused Dropbox Properties:

https://www.dropbox[.]com/s/68y4vpfu8pc3imf/Iraq&Jewish.pdf

Phishing Domains:


Android App:

https://www.virustotal.com/gui/file/5d3ff202f20af915863eee45916412a271bae1ea3a0e20988309c16723ce4da5/detection

Android App C2:

communication-shield[.]site

cdsa[.]xyz


Copyright © 2021 Today's Digital.