Case Study: Phishing Attack Creates Public Links to Private Files

Scenario
An email Phishing attack resulted in unauthorized access to the victim’s email mailbox and the creation of public-sharing links to private Microsoft OneDrive files.
Background
In early 2019, an AIS Managed SIEM Alert indicated that a Customer email mailbox was accessed from the United States and from Russia less than an hour later, triggering an Impossible Travel Alert. Minutes later, an additional…

AIS Tech Bulletin – Cryptolocker Advisory

 

 AIS TECHNICAL BULLETIN  

 

Date: 06 April 2015

CIS/MS-ISAC ADVISORY NUMBER: n/a
DATE(S) ISSUED: 06 APRIL 2015

SUBJECT: Cryptolocker Advisory

EXECUTIVE SUMMARY:
Ransom Cryptolocker is a ransomware that on execution locks the user’s system, thereby leaving the system in an unusable state. It also encrypts the list of file types present in the user’s system. The compromised user has to pay the attacker with a ransom…

Windows Server 2003 End-of-Support July 14, 2015

 AIS TECHNICAL BULLETIN  

Date: 27 March 2015CIS/MS-ISAC ADVISORY NUMBER: n/aDATE(S) ISSUED: 27 March 2015SUBJECT: Windows Server 2003 End of Support July 14, 2015EXECUTIVE SUMMARY: In July 2010, Microsoft transitioned from providing mainstream support for Windows Server 2003 to releasing critical patches only.  July 14, 2015 marks another transition, this time the end of support (EOS) for Windows Server 2003.THREAT INTELLIGENCE:

TECHNICAL BULLETIN – 10MAR2015

 AIS TECHNICAL BULLETIN

View this email in your browser

Date: 10 March 2015CIS/MS-ISAC ADVISORY NUMBER: 2015-024
DATE(S) ISSUED: 03/10/2015SUBJECT: Vulnerabilities in Microsoft Windows Could Allow Remote Code Execution (MS15-020)EXECUTIVE SUMMARY:

Multiple vulnerabilities have been discovered in Microsoft Windows that could allow for remote code execution. The kernel mode drivers control window displays, screen output, and input from devices that the kernel passes to applications. This…