Let’s use our threat intel dashboard and find out what’s happening behind the scenes.
AridViper: Who are they?
AridViper is an Arabic-based APT group operating out of Palestine, Egypt, and Turkey. Their victims include military and government organizations, health organizations, economic and financial institutions, leading media entities, research and educational institutions, energy and utility providers, activists, and political leaders.
Why is AridViper trending?
Security researchers from Palo Alto Networks’ Unit 42 division have recently discovered PyMICROPSIA, an info-stealing trojan that, for now, targets Windows. It’s so named because it belongs to the MICROPSIA family and is written in Python.
The malware’s capabilities include data stealing, file deletion, taking screenshots, audio recording, and command execution.
The researchers found this malware while tracking AridViper’s activities.
Reactions from Twitter
#1 Ratan Jyoti
PyMICROPSIA Windows malware includes checks for Linux and macOS https://t.co/103U8S5X30 #CyberSecurity #digital #Hackers #infosec @reach2ratan #malware #cloud #cloudsecurity #dataprotection #Privacy #infosec #informationsecurity #cloudcomputing pic.twitter.com/Xc0K4beSQ3
— Ratan Jyoti (@reach2ratan) December 16, 2020
#2 Unit 42
— Unit 42 (@Unit42_Intel) December 14, 2020
#3 Catalin Cimpanu
— Catalin Cimpanu (@campuscodi) December 15, 2020
AridViper references from KNOW
- Total references: 130
- Last 60 days: 99
- Previous 7 days: 54
AridViper threat context from KNOW
- Risk rules triggered: 7 out of 48
- Intrusion method: Credential stealing
- Campaigns: Operation Parliament
- Related intrusion methods: Phishing, Spam, Scam, ShellCode, Malicious Android App, Infection chain, DLL Side Loading, and 7 more.
- Most recent sandbox sighting: Hybrid Analysis result for ‘http://flushupdate.com/’
Using KNOW to protect yourself from Threat Actors
Apart from being a news aggregator, KNOW is also a threat intel dashboard that gives you relevant insights from the global threat landscape. Netenrich delivers actionable solutions with the help of resolution intelligence and a combination of threat and attack surface intelligence to effectively address the following pain points:
- Firstly, your organization’s attack surface is growing faster than your SecOps team and budget.
- Threat actors can see exposed assets that lie outside your security’s purview.
- There is a severe lack of talent, and skill gaps are getting wider than ever before.
- Attacks are more frequent and it only takes one to inflict severe, irreversible damage on your organization and business reputation.
Would you like to stay up to date with the trending threats and empower your SecOps team?
What exactly is resolution intelligence, and what will it do for you?