Nous pensons qu'il est impératif de créer un écosystème de partenaires technologiques et d'investir dans celui-ci pour obtenir de meilleurs résultats commerciaux pour nos clients. Le partage de renseignements et d'informations sur les menaces entre les ISAC, les ISAO et d'autres communautés dépend également de cette collaboration.
<p><strong>NBC was owned this morning and serving up malicious javascript.</strong></p><p><img alt="" src="https://cdn.filestackcontent.com/F3IvTYwoRXCcct4TxZfu" style="width: 957px; height: 413px;"/></p><p>Malicious javascript file added to nbc.com this morning is serving up Citadel (Zeus Varient) by exploiting known PDF and Java vulnerabilities.</p><p><strong>Indicators of compromise:</strong></p><p>hxxp://priceworldpublishing.com<br/> hxxp://flying-gators-mac.com<br/> hxxp://clientesporinternet.com<br/> hxxp://finesseindia.com<br/> hxxp://zafood.net<br/> hxxp://fabricaequiposestetica.com<br/> hxxp://gonullersultani.net<br/> hxxp://justyourmessage.com<br/> hxxp://allsystemscorp.com<br/> hxxp://registrosanitarioinvima.com<br/> hxxp://fattjoints.com<br/> hxxp://buubinorthpointestates.com<br/> hxxp://hideshadow.com<br/> hxxp://erabisnis.net<br/> hxxp://datingquotes.net<br/> hxxp://bridalplaces.com<br/> hxxp://moi-npovye-sploett.com/qqqq/1.php<br/> hxxp://priceworldpublishing.com/aynk.html<br/> hxxp://nikweinstein.com/cl/google.php<br/> hxxp://walterjeffers.com/ctuk.html<br/> hxxp://barbecuechickenrecipes.org/ctuk.htm<br/> hxxp://umaiskhan.com/ztuj.html<br/> hxxp://toplineops.com/mtnk.html<br/> hxxp://gonullersultani.net/znzd.htm<br/> hxxp://erabisnis.net/znzd.htm<br/> hxxp://electricianfortwayne.info/62.html<br/> hxxp://moi-npovye-sploett.com/cGeQc0wz1KPI/larktion.php<br/> hxxp://toplineops.com/mtnk.html<br/> hxxp://electricianfortwayne.info/62.html<br/> hxxp://electricianfortwayne.info/987.pdf</p><p><strong>MD5/VT: </strong></p><p><a href="https://www.virustotal.com/en/file/6b276bee21bf5946461e3c62f447b3be7179e9cce4742a61b26417609ed001ee/analysis/" rel="nofollow" target="_blank">https://www.virustotal.com/en/file/6b276bee21bf5946461e3c62f447b3be7179e9cce4742a61b26417609ed001ee/analysis/</a></p><p><a href="https://www.virustotal.com/en/file/9cd13ffb2e5eb7b96cbfb3cc3b10e223043940daeb51aa2e68983849673d2dc9/analysis/" rel="nofollow" target="_blank">https://www.virustotal.com/en/file/9cd13ffb2e5eb7b96cbfb3cc3b10e223043940daeb51aa2e68983849673d2dc9/analysis/</a></p><p><a href="http://www.threatstream.com/">THREAT STREAM</a> users are covered via SIEM correlation rules to detect potential compromise from this event.</p>
Get the Latest Anomali Updates and Cybersecurity News – Straight To Your Inbox
Become a subscriber to the Anomali Newsletter
Receive a monthly summary of our latest threat intelligence content, research, news, events, and more.