Daily


1. We have asked the appsec team to validate the rogue application below; OTRS ticket 2018050723005022 has been raised for the same. - Closed

hxxps://play.google.com/store/apps/details?id=com.nirmallabs.onlinebanking.


2. 2018050423020805 - Carbon Black analysis regarding FireEye alert "Malware Object" for system has been shared with team.

Incident report AXI-ISA-337 has been created for the same.


3. OTRS ticket 2018050723033331 has been raised for blocking the below domains, which were observed through Akamai ETP. - Closed

competition6685{.}lieordie92{.}loan{.}-

competition5681{.}getyourchance100{.}loan{.}

game8549{.}getyourchance7{.}loan{.}


4. OTRS ticket 2018050723042214 has been raised for blocking the below domains, which were observed through Akamai ETP. - Closed

applehouseshimla[.]com

www{.}dccmulki{.}in{.}


5. OTRS ticket 2018050723040716 has been raised for Carbon Black alert found multiple vulnerabilities in Oracle Java on system IE browser. Recommended action has been shared with the respective team. Incident report AXI-ISA-338 has been created for the same. - Open


6. 2018050623012678 | Bluecoat Suspicious:Trojan.Script.Miner.gen - Multiple vulnerabilities found on URL www[.]iiap[.]res[.]in. URL categorized as Education and Reference. Details have been shared with team. - Closed


7. RSA & NC Weekly Report (30th April to 6th May) has been shared with Rishabh.


8. Closed the below FireEye Domain Match alert.

2018050423042514 


9. Closed the below FireEye Malware Callback tickets in OTRS.

2018050423041864

2018050423042087


10. Closed Ticket#2018050523035502 — RSA - Rogue Application | Google Play

hxxps://play.google.com/store/apps/details?id=com.vermajiappdeveloper.Total_USSD_Code


11. Closed Ticket#2018050523027806 — RSA - Rogue Application | Google Play

hxxps://play.google.com/store/apps/details?id=com.credencapp


12. OTRS ticket has been raised for alert "Infection match" observed in FireEye.

2018050723053015


13. OTRS 2018050723044801 has been raised for blocking the below suspicious IPs, which were observed through Smokescreen TI console. - Closed

128[.]199[.]124[.]86

139[.]59[.]42[.]246

185[.]209[.]0[.]7


14. First-cut analysis regarding multiple executable flash games found in SWIFT desktop system has been shared with the team. - Open


15. Carbon Black analysis regarding FireEye alert observed for a system has been shared with the IR team with necessary recommendations. - Closed

2018050723056101


16. Analysis has been done for the below system reported for virus infection observed by SOC team for the ticket (2018042423018336) assigned to us. - Closed

Report Page