Iranian backed group steps up phishing campaigns against Israel, U.S.

ID: 5d9a8d20-e837-54aa-9e32-d29a3c4aafcf

STIX ID: report--5d9a8d20-e837-54aa-9e32-d29a3c4aafcf

Feed Name: Google's Threat Analysis Group (TAG)

Threat Score: 80/100

Date Published: 2024-08-14

Date Updated: 2026-04-27

Author: Google Threat Analysis Group

Indicators of compromise attributed to APT42: the report lists phishing-kit domains and URLs, additional malicious domains and storage links, multiple SHA256 hashes tied to malware families (NEWSTERMINAL, OFFICEFUEL, FUELDUMP, GORBLE PS), and two C2 IP addresses (49.13.194.118, 91.107.150.184), intended for use in detection and blocking.
