Update 12/17: Additional IOCs added related to teardrop secondary payload.
Update 12/16: Based on the announcement from FireEye, Microsoft, and GoDaddy avsvmcloud[.]com has been unblocked as it is now functioning as a kill switch in an effort to help limit adversaries access. Please note that this does not imply that this is a complete protection from these attacks. Additional remediation steps will should and must be taken. Additional details here.
Update 12/14: We note there is a…
Update 12/16: Based on the announcement from FireEye, Microsoft, and GoDaddy avsvmcloud[.]com has been unblocked as it is now functioning as a kill switch in an effort to help limit adversaries access. Please note that this does not imply that this is a complete protection from these attacks. Additional remediation steps will should and must be taken. Additional details here.
Update 12/14: We note there is a…
[[ This is only the beginning! Please visit the blog for the complete entry ]]
Go to Source
Author:
