HYAS Threat Intel Report March 25 2024
Posted by David Brunsdon | March 25 2024
Weekly Threat Intelligence Report Date: March 25, 2024 Prepared by: David Brunsdon, Threat Intelligence - Security Engineer, HYAS This report provides detailed insights into the recent activities of the specified ASNs (Autonomous System Numbers), highlighting potential security risks and recommending proactive measures to defend against evolving cyber threats. Malware needs to communicate to an external address to receive commands, download new capabilities, and exfiltrate data. Here are the top ASNs that malware is communicating with for its C2 (command-and-control). Top ASNs Under Observation: ASN 9318 (HANARO Telecom): Description: HANARO Telecom is a major Internet service provider (ISP) based in South Korea. It offers broadband, wireless, and enterprise networking services. Recent Activity: Elevated levels of suspicious traffic have been detected originating from ASN 9318, indicating potential malicious behavior within its network infrastructure. This activity includes a notable