Today, Talos is publishing a glimpse into the most prevalent threats we have observed between 15 January and 22 January. As with previous roundups, this post is not meant to be an in-depth analysis. Instead, it summarizes the threats we have observed by highlighting key behavioral characteristics and indicators of compromise, and describes how our customers are automatically protected from these threats.
As a reminder, the information provided for the following threats in this post is non-exhaustive and current as of the date of publication. Additionally, please keep in mind that IOC searching is only one part of threat hunting. Spotting a single IOC does not necessarily indicate maliciousness. Detection and coverage for the following threats are subject to updates, pending additional threat or vulnerability analysis. For the most current information, please refer to your Firepower Management Center, Snort.org, or ClamAV.net.
20210122-tru.json – This is a JSON file containing the IOCs referenced in this post, as well as all hashes associated with each cluster. The list in this blog post is limited to 25 hashes per cluster. As always, please remember that all IOCs contained in this document are indicative and that a single IOC does not indicate maliciousness. See the "Read more" link above for more information.