Scribd
Upload
43 views2 pages

SOC Incident

The document provides a global threat notification report from June 6th summarizing various cybersecurity threats including the removal of Facebook accounts demonstrating pro-Russian behavior, malware targeting victims and delivering infostealers, botnet and extortion activity monitoring, and vulnerabilities in devices and software. Specific IP addresses were also listed on subsequent dates engaging in spam, scanning, and other abusive behaviors.

Uploaded by

Harris Iskandar
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
43 views2 pages

SOC Incident

The document provides a global threat notification report from June 6th summarizing various cybersecurity threats including the removal of Facebook accounts demonstrating pro-Russian behavior, malware targeting victims and delivering infostealers, botnet and extortion activity monitoring, and vulnerabilities in devices and software. Specific IP addresses were also listed on subsequent dates engaging in spam, scanning, and other abusive behaviors.

Uploaded by

Harris Iskandar
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 2

Global Threat Notification 06 June 2021

Recorded Future                           
                         
No  Date  Headline 
Facebook Removes 168 Total Accounts from Sudan for Demonstrating
1.  04/06/2021 
Coordinated Inauthentic Behavior in Support of Pro-Russian Interests 
                          
IBM x-Force Advisories                           
                        
Please take necessary action based on articles below:                         
  
No  Date  Headline  Link 
Threat Actors
Paying for
Google Pay-per-
Click Ads to https://exchange.xforce.ibmcloud.com/threats/
1.  05/06/2021 
Target Victims guid:4404606985cfa42c09425542026355e2   
and Deliver
Infostealer
Software 
NCAS Malware
Analysis Report
https://exchange.xforce.ibmcloud.com/threats/
2.  04/06/2021  AR21-148A -
guid:d2c2cbdff0747be04df97fa428159cc6 
Cobalt Strike
Beacon 
Dridex Botnet
https://exchange.xforce.ibmcloud.com/collection/Dridex-Botnet-
3.  06/06/2021  Activity
Activity-Monitoring-0f0b48c73d5b8ccada97584cd9023dec 
Monitoring 
Phorpiex Botnet
https://exchange.xforce.ibmcloud.com/collection/Phorpiex-
Extortion
4.  06/06/2021  Botnet-Extortion-Activity-Monitoring-
Activity
76265914d081e79d158260bf5385a9da 
Monitoring 
                            
CVE Vulnerabilities                          
  
No  Date  Vulnerabilities  Headline  Link 
Advantech
CVE-2021- https://exchange.xforce.ibmcloud.com/
1.  03/06/2021  iView security
32930  vulnerabilities/203024 
bypass 
CHIYU IoT
CVE-2021- Devices https://exchange.xforce.ibmcloud.com/
2.  03/06/2021 
31251  security vulnerabilities/202978 
bypass 
GitLab
Kramdown https://exchange.xforce.ibmcloud.com/
3.  03/06/2021  - 
options code vulnerabilities/202977 
execution 
 
7 June 2021

SECURITY NOTIFICATION INCIDENT SOC025098 - ESA Daily Security Report


Threat IP Adress:
1. 159.89.166.116 (United States)
a. Spam (86%)
b. Bots (71%)
2. 154.72.202.170 (Uganda)
a. Scanning (100%)
3. 133.167.40.130 (Japan)
a. Spam (100%)
b. Bots (86%)

8 June 2021

SECURITY NOTIFICATION INCIDENT SOC025107 - ESA Daily Security Report


Threat IP Adress:
1. 63.80.190.68 (United States)
a. This IP was reported 102 times.
b. Confidence of Abuse is 100%

2. 103.107.116.3 (Indonesia)
a. Spam (71%)

3. 133.167.40.130 (Japan)
a. Spam (100%)
b. Bots (86%)

You might also like