The SOC at Jigsaw Security has been monitoring several increases in activity over the last several days. We have noted over 2.1 million new and unique indicators in the past 48 hours. This uptick in activity is a result of changing landscapes in ransomware and some state-sponsored threat actors. See the activity report below for what we are currently tracking.
We noted a new campaign coming from China APT10, which is increasing in volume and in the number of attacks identified.
We noted several separate incidents that have been observed and reported over the last 2 days.
A few more events and activity from our team:
UAE University was targeted with some phishing attacks, some of which were successful. A handful of malicious VBA scripts were reported in new attacks in the Middle East as well as the US. Unknown activity believed to be from China was detected and reported through our threat intelligence feeds, indicating multiple people observing a newly discovered, previously unknown campaign. A direct SMS attack with a Wells Fargo theme was received by multiple cell phone sensors and reported to our customers; the links appeared to be from a Bluehost server with the domain fraternityofshadows[.]com. Additional information on this campaign is available in the Jigsaw Security Threat Intelligence system. Several customers reported Ramzy Ransomware activity, and other intel providers are seeing similar activity.
New Daily Report:
Over the next couple of weeks we will be putting together a mailing list that will include many security-related articles of interest. This will be available to our customers (very targeted monitoring) as well as the general public. As always, our threat intelligence is available to any organization that is vetted through our system. Advanced and commercial feeds are available for Government, Law Enforcement and trusted partners. Reach out to us if you would like to be added to our daily updates, or register on the website using the contact form or chat feature.