Page 17 - Threat Intelligence 9-5-2019
P. 17
Potential Hurricane Dorian Cyber Scams
The Cybersecurity and Infrastructure Security Agency (CISA) warns users to remain vigilant for
malicious cyber activity targeting Hurricane Dorian disaster victims and potential donors.
Fraudulent emails commonly appear after major natural disasters and often contain links or
attachments that direct users to malicious websites. Users should exercise caution in handling any
email with a hurricane-related subject line, attachment, or hyperlink. In addition, users should be
wary of social media pleas, texts, or door-to-door solicitations relating to severe weather events. To
avoid becoming victims of malicious activity, users and administrators should review the following
resources and take preventative measures:
• Staying Alert to Disaster-related Scams
• Before Giving to a Charity
• Staying Safe on Social Networking Sites
• Avoiding Social Engineering and Phishing Attacks
If you believe you have been a victim of cybercrime, file a complaint with the Federal Bureau of
Investigation Internet Crime Complaint Center at www.ic3.gov.
Vulnerabilities and Indicators of Compromise
➢ Weekly Vulnerability Summary from US-CERT
➢ Talos weekly alerts
➢ Advanced SMS Phishing Attacks Against Modern Android-based Smartphones
➢ JSWorm: The 4th Version of the Infamous Ransomware
➢ Nemty Ransomware Gets Distribution from RIG Exploit Kit
➢ Asset Enumeration: Expanding a Target's Attack Surface
➢ Credential Gathering Campaign
"[...] really sit down and think about what you want to protect and who you
want to protect it from. And the reason why this is incredibly important is
that trying to protect everything all the time from everybody will just drive
you crazy.“
-Eva Galperin, Director of Cybersecurity EFF
