daily


1. Investigation and analysis have been completed for the system suspected of communicating with a suspicious cryptojacking domain - Closed.

Also, incident report AXI-ISA-375 has been created for the same.

Browsing history files have been extracted for the respective suspected systems.


2. OTRS tickets have been raised for the below social site detections notified by Netcraft, and the same have been submitted to the marketing team for validation - Closed.


2018051623034206 -- hxxp://twitter.com/Axisbank10

2018051623036731 -- hxxps://instagram.com/bank.axis

2018051623036741 -- hxxp://twitter.com/chanduboorgula




3. An OTRS ticket has been raised for the cryptojacking-infected site detected during our analysis and investigation - Closed.


2018051423037145 -- www[.]jiit[.]ac[.]in



4. An OTRS ticket has been raised for brand abuse reported by RSA - Closed.


2018051623036857 -- hxxp://circleaxis.online



4. The below RSA tickets have been closed post their confirmation - Closed.


2018051523034486

2018051523034601

2018051523053803



5. OTRS 2018051623042644 has been raised for the malicious file hbcdcustomizer.exe observed in a system. The ticket has been assigned to the IR.OM team with the necessary recommendations - Closed.


Incident report AXI-ISA-377 has been created for the same.


6. OTRS 2018051623047032 has been raised for AXI-INC-05-2018-19-08 Multiple Vulnerability ports open on Axis Securities assets, where we received an alert from the bank's external internet-facing asset monitoring partner that multiple vulnerable ports such as “3389, 21, 137, 445, 80, and 5900” were kept open on Axis Securities assets.

Port 3389 is used for RDP. Port 21 is used for File Transfer Protocol, which can result in a data breach. Port 137 is the NetBIOS port. Port 80 is one of the most vulnerable ports and can result in application-level attacks, whereas port 445 is the most dangerous vulnerable port and is used by ransomware such as WannaCry, Petya, etc.

We highlighted a similar incident, “AXI-INC-05-2018-19-06”, on 2nd May 2018. We requested that all such vulnerable ports on the perimeter be closed immediately post validation - Closed.



7. OTRS 2018051623047041 has been raised for a phishing alert reported by Netcraft and has been sent to Utkarsh Mehotra for further action - Closed.


http://axisbankukonline.com/AxisRetailLogin.html


8. OTRS 2018051623053221 has been raised for the takedown initiated with RSA for the below application.

Incident report AXI-ISA-376 has been created for the same - Closed.


http://apk-dl.com/com.bankbalancechecknumber.app 


9. Bluecoat category for Sports/Recreation and Kinds data has been extracted - Closed. 
