Daily
1. We have asked the appsec team to validate the below rogue application. OTRS ticket 2018050723005022 has been raised for the same. - Closed
hxxps://play.google.com/store/apps/details?id=com.nirmallabs.onlinebanking.
2. 2018050423020805 - Carbon Black analysis regarding FireEye alert "Malware Object" for system has been shared with team.
Incident report AXI-ISA-337 has been created for the same.
3. OTRS ticket 2018050723033331 has been raised for blocking the below domains, which were observed through Akamai ETP. - Closed
competition6685{.}lieordie92{.}loan{.}
competition5681{.}getyourchance100{.}loan{.}
game8549{.}getyourchance7{.}loan{.}
4. OTRS ticket 2018050723042214 has been raised for blocking the below domains, which were observed through Akamai ETP. - Closed
applehouseshimla[.]com
www{.}dccmulki{.}in{.}
5. OTRS ticket 2018050723040716 has been raised for a Carbon Black alert that found multiple vulnerabilities in Oracle Java on system IE browser. Recommended action has been shared with the respective team. Incident report AXI-ISA-338 has been created for the same. - Open
6. 2018050623012678 | Bluecoat Suspicious:Trojan.Script.Miner.gen - Multiple vulnerabilities found on URL www[.]iiap[.]res[.]in. URL categorized as Education and Reference. Details have been shared with team. - Closed
7. RSA & NC Weekly Report (30th April to 6th May) has been shared with Rishabh.
8. Closed below FireEye Domain Match alert:
2018050423042514
9. Closed below FireEye Malware Call back tickets in OTRS:
2018050423041864
2018050423042087
10. Closed Ticket#2018050523035502 — RSA - Rogue Application | Google Play
hxxps://play.google.com/store/apps/details?id=com.vermajiappdeveloper.Total_USSD_Code
11. Closed Ticket#2018050523027806 — RSA - Rogue Application | Google Play
hxxps://play.google.com/store/apps/details?id=com.credencapp
12. OTRS has been raised for alert "Infection match" observed in FireEye.
2018050723053015
13. OTRS 2018050723044801 has been raised for blocking the below suspicious IPs, which were observed through Smokescreen TI console. - Closed
128[.]199[.]124[.]86
139[.]59[.]42[.]246
185[.]209[.]0[.]7
14. First-cut analysis regarding multiple executable Flash games found in SWIFT desktop system has been shared with the team. - Open
15. Carbon Black analysis regarding FireEye alert observed for a system has been shared with the IR team with necessary recommendations. - Closed
2018050723056101
16. Analysis has been done for the below system reported for virus infection, observed by SOC team, for the ticket (2018042423018336) assigned to us. - Closed