ThreatPulse — April 05, 2026 | 0 threats, personalised for you
Personalised for Ethan | SOC Analyst | 20 items | 0 CISA KEV | 0 Critical
3
When an Attacker Meets a Group of Agents: Navigating Amazon Bedrock's Multi-Agent Applications
# SOC BRIEFING: Amazon Bedrock Multi-Agent AI Attack Surface
**SUMMARY:**
Unit 42 identified new attack surfaces and prompt injection vulnerabilities in multi-agent AI systems deployed on Amazon Bedrock. This matters because prompt injection attacks can manipulate AI agents to bypass security controls, exfiltrate data, or execute unintended actions across interconnected systems.
**TRIAGE:**
**Medium** — Research disclosure with no active CVE or CISA KEV listing. Prioritize if your organization uses Amazon Bedrock with multi-agent architectures; defer if you don't deploy this service.
**IOC HUNT:**
1. **CloudTrail logs**: Filter for `bedrock:InvokeAgent` and `bedrock:InvokeModel` calls with unusual input payloads containing prompt injection patterns (e.g., "ignore previous instructions," "system override").
2. **Application logs**: Search for unexpected agent-to-agent communication or API calls outside normal workflow patterns.
3. **Query example (Splunk)**: `source=cloudtrail eventName=InvokeAgent | regex requestParameters="(ignore|override|bypass|system prompt)" | stats count by userIdentity.principalId, sourceIPAddress`
**MITRE:**
- **T1589** (Gather Victim Org Information) — reconnaissance via prompt injection
- **T1566** (Phishing) — social engineering through manipulated agent responses
- **T1021** (Remote Services) — lateral movement via compromised agent chains
**ACTION:**
Review and document all Bedrock multi-agent deployments in your environment. Implement input validation and output filtering on agent prompts; request Unit 42's full report for specific hardening guidance before deploying new multi-agent systems.
2
Threat Brief: Widespread Impact of the Axios Supply Chain Attack
# SOC BRIEFING: Axios Supply Chain Attack
**SUMMARY:**
A supply chain attack targeted Axios, compromising the software distribution mechanism to deliver malicious payloads to downstream users. This represents a high-risk vector affecting any organization that consumed affected Axios packages or dependencies.
**TRIAGE:**
**HIGH** — Immediate investigation priority. Supply chain compromises have broad blast radius and enable persistent access across multiple environments. Requires urgent asset inventory and log review.
**IOC HUNT:**
1. **Package repositories & deployment logs** — Search for Axios package installations/updates with unusual timestamps or hash mismatches (compare against known-good versions)
2. **Process execution** — Hunt for suspicious child processes spawned by Axios-related services; look for unsigned binaries or execution from temp directories
3. **Network egress** — Query DNS/proxy logs for C2 beaconing from systems with Axios installed; correlate with process creation timelines
**MITRE:**
- T1195.002 — Supply Chain Compromise (Compromised Software)
- T1547.001 — Boot or Logon Autostart Execution
- T1071.001 — Application Layer Protocol (C2 communication)
**ACTION:**
Immediately inventory all systems with Axios installed. Cross-reference against the Unit 42 report for affected versions/hashes. Isolate confirmed compromised systems and initiate forensic imaging before remediation.
2
Weaponizing the Protectors: TeamPCP’s Multi-Stage Supply Chain Attack on Security Infrastructure
# SOC BRIEFING: TeamPCP Supply Chain Attack Partnership
**SUMMARY:**
The TeamPCP threat actor has announced a partnership with the Vect ransomware group and continues executing multi-stage supply chain attacks targeting security infrastructure. This alliance significantly increases attack sophistication and ransomware deployment risk across customer bases of compromised security vendors.
**TRIAGE:**
**HIGH** — Immediate investigation priority. Supply chain compromises have broad blast radius; ransomware partnership indicates intent for destructive payloads. Escalate to incident response if any security vendor software is deployed in your environment.
**IOC HUNT:**
1. **Log source:** Endpoint execution logs — Hunt for unsigned or suspicious child processes spawned by security vendor software (e.g., EDR, SIEM agents, vulnerability scanners).
2. **Query (pseudo-syntax; adapt to your EDR):** `ParentImage contains "<security_vendor_name>" AND (CommandLine contains "powershell" OR CommandLine contains "cmd" OR (Image endswith ".exe" AND NOT Image in (<allowlist>)))`
3. **Log source:** Network egress — Monitor for unexpected C2 communications from security infrastructure servers to unknown external IPs; correlate with vendor software update timelines.
**MITRE:**
- T1195.002 — Supply Chain Compromise: Compromise Software Supply Chain
- T1195.003 — Supply Chain Compromise: Compromise Hardware Supply Chain
- T1566.002 — Phishing: Spearphishing Link
- T1204.001 — User Execution: Malicious Link
**ACTION:**
Immediately verify the integrity and version of all deployed security vendor software against official vendor advisories. Isolate any systems running confirmed compromised versions pending patch availability; do not rely on the compromised software for detection during isolation.
2
Double Agents: Exposing Security Blind Spots in GCP Vertex AI
# SOC BRIEFING: GCP Vertex AI "Double Agent" Vulnerability
**SUMMARY:**
Unit 42 identified a privilege escalation flaw in Google Cloud Vertex AI where overprivileged AI agents can be manipulated to compromise cloud environments. This affects organizations using Vertex AI agents with excessive IAM permissions, creating a pathway for lateral movement and data exfiltration.
**TRIAGE:**
**HIGH** — Investigate immediately if your organization runs Vertex AI agents in production. No active exploitation reported, but the attack requires only agent misconfiguration (common in rapid deployments). Prioritize environments with agents holding Editor or Owner roles.
**IOC HUNT:**
1. **GCP Cloud Audit Logs**: Filter for `protoPayload.serviceName="aiplatform.googleapis.com"` AND `protoPayload.status.code != 0` — look for unusual agent API calls or permission denials that suggest exploitation attempts.
2. **Vertex AI Agent Logs**: Query for agents making unexpected `compute.instances.create`, `storage.buckets.get`, or `iam.serviceAccounts.getAccessToken` calls outside normal workflow.
3. **IAM Activity**: Search for service account impersonation events (`iam.serviceAccounts.implicitDelegation` or `iam.serviceAccounts.actAs`) triggered by Vertex AI service principals.
**MITRE:**
- **T1078.004** (Privilege Escalation — Valid Accounts)
- **T1550.001** (Defense Evasion — Token Impersonation)
- **T1526** (Discovery — Cloud Service Discovery)
**ACTION:**
Audit all Vertex AI agent service account IAM bindings immediately. Remove Editor/Owner roles; apply least-privilege principle (e.g., restrict to `aiplatform.agent.runner` and specific resource scopes). Document findings and escalate to cloud security team for policy enforcement.
2
Threat Brief: March 2026 Escalation of Cyber Risk Related to Iran (Updated March 26)
# SOC BRIEFING: Iranian Cyber Activity Escalation (March 2026)
**SUMMARY:**
Unit 42 reports escalated Iranian cyberattack activity including phishing campaigns, hacktivist operations, and cybercrime initiatives. This represents a notable uptick in threat volume and warrants immediate defensive posture review across email and network perimeters.
**TRIAGE:**
**HIGH** — No active exploits or zero-days identified (CVSS 0.0), but phishing campaigns pose immediate compromise risk. Prioritize email gateway and endpoint logs for the next 24 hours.
**IOC HUNT:**
1. **Email Gateway Logs:** Search for phishing indicators from Unit 42 report (request IOCs from Palo Alto Unit 42 directly if not in your threat feed); filter on suspicious sender domains, subject line patterns, and malicious URLs.
2. **Endpoint/EDR:** `process where parent_process == "outlook.exe" AND command_line contains suspicious_script_extensions` — hunt for macro/script execution from email clients.
3. **DNS/Proxy Logs:** Monitor for known Iranian threat actor C2 domains and newly registered lookalike domains; cross-reference against Unit 42's published indicators.
**MITRE:**
- **T1566.002** — Phishing: Spearphishing Link
- **T1566.001** — Phishing: Spearphishing Attachment
- **T1598** — Phishing for Information (reconnaissance phase)
- **Tactic:** Initial Access, Reconnaissance
**ACTION:**
Issue immediate alert to all users: do not click links or download attachments from unsolicited emails. Escalate any suspected phishing to SOC for triage within 1 hour. Request full IOC list from Unit 42 and load into SIEM/EDR by end of business today.
2
Converging Interests: Analysis of Threat Clusters Targeting a Southeast Asian Government
# SOC BRIEFING: Southeast Asian Government Cyberespionage Campaign
**SUMMARY:**
Unit 42 identified multiple coordinated cyberespionage clusters targeting a Southeast Asian government organization using USBFect malware, remote access trojans (RATs), and loaders. This represents a converging threat landscape where multiple threat actors are simultaneously targeting the same government entity, increasing compromise risk and operational impact.
**TRIAGE:**
**HIGH** — Multi-cluster espionage activity indicates sustained, resourced adversaries with government-targeting capability. Immediate investigation required to determine if your organization shares sector/regional overlap with the target.
**IOC HUNT:**
1. **Endpoint/Memory:** Hunt for USBFect signatures, RAT command-and-control callbacks, and loader execution patterns in EDR logs (Splunk: `index=endpoint process_name IN (loader*, rat*) OR file_name="*USBFect*"`)
2. **Network:** Monitor for C2 beaconing to known malware infrastructure; correlate with Unit 42 published IOCs (Splunk: `index=network dest_ip IN [Unit42_IOC_list] OR dns_query="*[malware_domain]*"`)
3. **USB Activity:** Flag suspicious USB device connections and file transfers, particularly to/from removable media (Splunk: `index=endpoint action=connected OR action=disconnected device_type=usb`)
**MITRE:**
- T1566 (Phishing) — Initial compromise vector
- T1105 (Ingress Tool Transfer) — Malware delivery
- T1059 (Command and Scripting Interpreter) — Loader execution
- T1041 (Exfiltration Over C2 Channel) — Data theft
- T1078 (Valid Accounts) — Lateral movement
**ACTION:**
Cross-reference Unit 42's published IOCs against your network/endpoint logs within the last 90 days. If any matches found, isolate affected systems immediately and escalate to incident response. If no matches, implement detection rules for USBFect and RAT signatures in your SIEM/EDR within 24 hours.
2
Threat Brief: Recruiting Scheme Impersonating Palo Alto Networks Talent Acquisition Team
# SOC BRIEFING: Palo Alto Networks Impersonation Recruitment Phishing
**SUMMARY:**
Unit 42 identified an active phishing campaign impersonating Palo Alto Networks recruiters to target senior professionals, using fraudulent resume fee schemes as the lure. This threat matters because it targets high-value employees who may have access to sensitive systems and intellectual property.
**TRIAGE:**
**Severity: Medium | Priority: High**
No code execution or system compromise vector identified, but social engineering targeting privileged users creates downstream risk for credential compromise and data exfiltration.
**IOC HUNT:**
1. **Email Gateway Logs:** Search for sender addresses impersonating `@paloaltonetworks.com` or lookalike domains (e.g., `paloalto-networks.com`, `paloaltonetwork.com`); filter for recruitment/HR keywords ("resume," "talent acquisition," "hiring").
2. **Web Proxy/DNS Logs:** Hunt for domains hosting fake job portals or payment collection pages linked in phishing emails; correlate with credential submission attempts.
3. **Splunk Query:** `index=email sender="*paloalto*" subject IN ("*resume*", "*recruitment*", "*job*", "*hiring*") | stats count by sender, recipient_domain`
**MITRE:**
- **T1566.002** – Phishing: Spearphishing Link
- **T1598.003** – Phishing for Information: Spearphishing Link
- **T1589.002** – Gather Victim Identity Information: Email Addresses
- **Tactic:** Initial Access, Reconnaissance
**ACTION:**
Issue immediate alert to all employees flagging the impersonation scheme with indicators (sender domains, subject lines); instruct staff to verify recruiter identity via official Palo Alto Networks HR contact channels before engaging. Forward any received phishing emails to security@paloaltonetworks.com.
2
Google Cloud Authenticator: The Hidden Mechanisms of Passwordless Authentication
# SOC BRIEFING: Google Cloud Authenticator Analysis
**SUMMARY:**
Unit 42 published technical analysis of Google's synced passkey architecture used in passwordless authentication systems, detailing key management mechanisms and secure communication protocols. This is educational threat research—not an active threat—but understanding these mechanisms is critical for detecting authentication bypass attempts and compromised credential stores in your environment.
**TRIAGE:**
**Medium** — Not an active vulnerability or exploit. Prioritize only if your organization uses Google Cloud Authenticator or synced passkeys; otherwise, defer to lower priority for defensive knowledge building.
**IOC HUNT:**
1. **Authentication logs**: Search for unusual passkey enrollment events or out-of-band authentication requests to Google Cloud services (check Cloud Audit Logs for `SetIamPolicy`, `CreateServiceAccount`, and `CreateKey` events).
2. **Endpoint logs**: Hunt for suspicious Google Authenticator app installations or configuration changes on managed devices (Sysmon Event ID 11 for file creation in `%APPDATA%\Google\` or similar paths).
3. **Query example**: `index=google_cloud_audit protoPayload.methodName IN ("*SetIamPolicy", "*CreateServiceAccount") | stats count by protoPayload.authenticationInfo.principalEmail`
**MITRE:**
- **T1556.006** — Modify Authentication Process: Multi-Factor Authentication (understanding passkey mechanisms aids detection of MFA bypass)
- **T1187** — Forced Authentication (relevant for detecting credential harvesting against passwordless systems)
**ACTION:**
Audit your organization's passkey implementation: verify that synced passkeys are stored only in encrypted, isolated credential stores and that out-of-band authentication requests require explicit user approval. Document baseline behavior for legitimate passkey operations to improve anomaly detection.
2
Who’s Really Shopping? Retail Fraud in the Age of Agentic AI
# SOC BRIEFING: Retail Fraud via Agentic AI
**SUMMARY:**
Palo Alto Unit 42 has published research on retail fraud exploitation using agentic AI systems, focusing on prompt injection attacks that manipulate AI agents into unauthorized transactions or data exfiltration. This represents an emerging attack vector against e-commerce and retail infrastructure where AI agents handle customer interactions and payment processing.
**TRIAGE:**
**Medium** — No active CVE or widespread exploitation confirmed. Prioritize investigation only if your organization deploys autonomous AI agents in customer-facing retail systems (chatbots, order processing, inventory management). If not applicable, defer to awareness phase.
**IOC HUNT:**
1. **Web Application Logs**: Search for unusual prompt patterns in chatbot/AI agent input logs—look for injection keywords ("ignore previous instructions," "execute command," "bypass validation").
2. **Transaction Logs**: Query for orders with mismatched customer profiles, unusual shipping addresses, or rapid sequential purchases from single AI session.
3. **API Logs**: Hunt for AI agent API calls with anomalous parameters or requests to sensitive endpoints (payment, customer data, inventory modification).
**MITRE:**
- **T1589** (Gather Victim Identity Information) — AI agents tricked into exfiltrating customer data
- **T1566** (Phishing) — Prompt injection as social engineering variant
- **T1190** (Exploit Public-Facing Application) — AI agent as attack surface
**ACTION:**
If you operate retail AI agents: Immediately audit prompt injection defenses (input validation, output filtering, instruction isolation). Implement rate-limiting on transaction-initiating AI actions and require human approval for orders exceeding threshold values.
2
Analyzing the Current State of AI Use in Malware
# SOC BRIEFING: AI Integration in Malware
**SUMMARY:**
Unit 42 published research documenting how threat actors are integrating AI capabilities into malware, ranging from basic implementations to sophisticated autonomous decision-making systems. This matters because AI-enhanced malware can adapt evasion tactics, optimize payload delivery, and reduce detection windows—requiring updated detection strategies.
**TRIAGE:**
**Medium** — Informational/Strategic. No active CVEs, exploits, or IOCs identified. Prioritize after critical incidents; use to inform detection tuning and threat hunting priorities.
**IOC HUNT:**
1. **Endpoint logs**: Search for unusual Python/ML library imports (`tensorflow`, `pytorch`, `scikit-learn`) in process execution or file writes on non-development systems.
2. **Network logs**: Hunt for connections to known ML model repositories (HuggingFace, GitHub raw content) from suspicious processes.
3. **Splunk/KQL**: `(process_name="python.exe" OR process_name="powershell.exe") AND (command_line="*import tensorflow*" OR command_line="*import torch*")`
**MITRE:**
- **T1592** (Gather Victim Host Information) — AI for reconnaissance optimization
- **T1140** (Deobfuscate/Decode Files or Information) — AI-driven unpacking
- **T1027** (Obfuscation) — AI-enhanced evasion
- **T1105** (Ingress Tool Transfer) — Adaptive payload delivery
**ACTION:**
Review and update YARA/Sigma rules to detect ML framework abuse; add behavioral detection for anomalous library loading and model file transfers. Coordinate with threat intel team to monitor Unit 42's full research for IOCs as they emerge.
2
Navigating Security Tradeoffs of AI Agents
# SOC BRIEFING: AI Agent Security Risks
**SUMMARY:**
Palo Alto Networks Unit 42 published guidance on security risks associated with AI agents operating with excessive privileges in enterprise environments. This matters because autonomous AI systems with broad permissions can become attack vectors or cause unintended security breaches if compromised or misconfigured.
**TRIAGE:**
**Medium** — No active CVEs, exploits, or IOCs identified. This is a strategic security posture issue requiring policy review rather than incident response. Investigate if your organization has deployed AI agents with elevated privileges.
**IOC HUNT:**
1. Search authentication logs for service accounts running AI/ML applications with admin or privileged group membership
2. Query API gateway logs for unusual token usage patterns or AI agent service accounts accessing sensitive data repositories
3. Review IAM audit logs for recently created service accounts with broad permissions assigned to automation/AI tools
**MITRE:**
- **T1078.004** — Valid Accounts: Cloud Accounts (compromised AI agent credentials)
- **T1548** — Abuse of Elevation Control Mechanism (excessive privilege assignment)
- **T1526** — Cloud Service Discovery (AI agents enumerating resources)
**ACTION:**
Audit all deployed AI agents and automation service accounts immediately. Apply principle of least privilege: restrict each agent to only the specific APIs, data sources, and actions required for its defined function. Document and enforce approval workflows for any agent privilege escalation requests.
2
Open, Closed and Broken: Prompt Fuzzing Finds LLMs Still Fragile Across Open and Closed Models
# SOC BRIEFING: LLM Prompt Fuzzing Vulnerability Research
**SUMMARY:**
Unit 42 research demonstrates that both open-source and commercial LLMs remain vulnerable to prompt fuzzing attacks that bypass safety guardrails using genetic algorithm-inspired techniques. This reveals scalable evasion methods that threat actors could exploit to manipulate LLM outputs for malicious purposes (data exfiltration, harmful content generation, social engineering).
**TRIAGE:**
**Medium** — Research disclosure, not active exploitation reported. Prioritize if your organization deploys LLMs in production or relies on LLM-based security tools. No CVE/EPSS score indicates this is a capability gap rather than a patched vulnerability.
**IOC HUNT:**
1. **LLM API logs**: Search for unusual prompt patterns with repeated character substitution, encoding tricks, or jailbreak keywords (e.g., "ignore previous instructions," role-play scenarios, token smuggling)
2. **Application logs**: Query for unexpected LLM responses that contradict safety policies or return restricted information
3. **Query pattern anomalies**: Splunk/KQL — `index=llm_logs | stats count by user, prompt_length, response_category | where response_category="UNSAFE" OR prompt_length > <baseline>`
**MITRE:**
- **T1589** (Gather Victim Identity Information) — LLMs tricked into disclosing sensitive data
- **T1598** (Phishing) — LLMs manipulated to generate convincing social engineering content
- **T1566** (Phishing: Email) — LLM-generated malicious emails bypassing detection
**ACTION:**
Audit LLM deployment configurations: verify input validation, rate limiting, and output filtering are enabled. If using third-party LLM APIs, request security documentation on guardrail robustness and request notification of prompt injection incidents.
2
Boggy Serpens Threat Assessment
# SOC BRIEFING: Boggy Serpens
**SUMMARY:**
Iranian threat group Boggy Serpens is actively conducting cyberespionage operations using AI-enhanced malware and sophisticated social engineering tactics. This represents an evolution in their capabilities and indicates sustained targeting of likely high-value assets in your environment.
**TRIAGE:**
**HIGH** — No active CVE exploitation or widespread indicators yet, but persistent nation-state activity warrants immediate visibility. Prioritize if your organization operates in critical infrastructure, energy, or government sectors.
**IOC HUNT:**
1. Query email logs for suspicious sender patterns and social engineering indicators (phishing, credential harvesting, unusual urgency language)
2. Hunt process execution logs for AI-model inference activity or unusual Python/ML framework execution (scikit-learn, TensorFlow, PyTorch)
3. Review network egress for connections to known Iranian IP ranges and C2 infrastructure associated with Unit 42's Boggy Serpens reporting
**MITRE:**
- T1566.002 — Phishing: Spearphishing Link
- T1598.003 — Phishing for Information: Spearphishing Link
- T1589 — Gather Victim Identity Information
- T1566.001 — Phishing: Spearphishing Attachment
**ACTION:**
Pull the full Unit 42 report immediately and cross-reference any IOCs/domains against your proxy, DNS, and email logs from the past 90 days. Brief leadership on targeting scope and escalate any matches to incident response.
2
Iranian Cyber Threat Evolution: From MBR Wipers to Identity Weaponization
# SOC BRIEFING: Iranian Cyber Threat Evolution
**SUMMARY:**
Iranian threat actors are shifting tactics from destructive MBR wiper malware to identity-based attacks and abuse of legitimate administrative tools, reducing detection signatures while increasing persistence and lateral movement capability. This evolution indicates a strategic pivot toward espionage and long-dwell operations rather than disruptive attacks.
**TRIAGE:**
**Medium** — Monitor for behavioral indicators; no active CVE or widespread exploitation detected. Prioritize if your organization operates critical infrastructure or has Iran-nexus geopolitical exposure.
**IOC HUNT:**
1. **Log Source:** Windows Event Logs (Security) — Hunt for anomalous admin tool execution (PsExec, WinRM, RDP) from non-standard service accounts or off-hours activity.
2. **Query:** `index=windows EventCode=4688 (Image="*psexec*" OR Image="*winrm*") NOT user IN (approved_admins)` — Flag suspicious lateral movement.
3. **Log Source:** Identity/AAD logs — Search for impossible travel, credential spray patterns, and MFA bypass attempts targeting privileged accounts.
**MITRE:**
- T1078 (Valid Accounts)
- T1570 (Lateral Tool Transfer)
- T1021 (Remote Services)
- T1087 (Account Discovery)
- **Tactic:** Persistence, Lateral Movement, Privilege Escalation
**ACTION:**
Enforce conditional access policies blocking admin tool execution from untrusted locations; require MFA on all privileged accounts and audit recent admin credential usage for anomalies within the last 30 days.
2
Insights: Increased Risk of Wiper Attacks
# SOC BRIEFING: Handala Hack Wiper Campaign
**SUMMARY:**
Iran-linked threat actor Handala Hack (Void Manticore) is actively deploying wiper malware via phishing and compromised Microsoft Intune access. Wiper attacks result in irreversible data destruction and system unavailability, making this a critical destructive threat.
**TRIAGE:**
**CRITICAL** — Immediate investigation required. Wiper attacks cause permanent damage; detection and containment must occur before execution phase.
**IOC HUNT:**
1. **Intune logs**: Search for unusual device enrollment, policy changes, or remote actions from non-standard admin accounts in past 30 days
   - `DeviceManagementActivity | where ActionType contains "Enroll" or ActionType contains "Policy" | where InitiatedBy !in (approved_admins)`
2. **Email gateway**: Hunt phishing campaigns targeting your organization; check for suspicious sender domains, credential-harvesting links, or macro-enabled attachments
3. **Endpoint telemetry**: Monitor for wiper execution patterns—mass file deletion, MBR/partition table writes, or suspicious PowerShell/cmd activity from user-context processes
**MITRE:**
- T1566.002 — Phishing: Spearphishing Link
- T1199 — Trusted Relationship (Intune abuse)
- T1561 — Disk Wipe
- T1485 — Data Destruction
**ACTION:**
Immediately audit all Intune administrative accounts for unauthorized access or policy deployments in the last 30 days; revoke suspicious sessions and reset credentials for any flagged admins. Simultaneously, block identified phishing domains at email gateway.
0
China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing
# SOC BRIEFING: TA416 Campaign Against European Governments
**SUMMARY:**
China-linked threat actor TA416 has resumed targeting European government and diplomatic organizations since mid-2025 using PlugX malware and OAuth-based phishing after a two-year hiatus. This represents a significant shift in targeting focus and indicates renewed interest in European political/diplomatic intelligence.
**TRIAGE:**
**HIGH** — Immediate investigation priority. While no exploited CVEs are present, the use of living-off-the-land techniques (OAuth abuse) and established malware (PlugX) lowers detection barriers. European government entities in your environment require urgent credential audit.
**IOC HUNT:**
1. **Email Gateway Logs:** Search for OAuth consent prompts in phishing emails; filter for suspicious redirect URIs and non-standard OAuth scopes (mail.read, calendar.read, etc.)
2. **Endpoint/EDR:** Hunt for PlugX process execution patterns — look for rundll32.exe, regsvcs.exe, or regasm.exe spawning suspicious child processes; check for C2 beacons on non-standard ports
3. **Azure AD / Identity Logs:** Query for impossible travel, suspicious OAuth app consents from government accounts, and token replay anomalies within 48 hours of phishing send dates
**MITRE:**
- T1566.002 (Phishing: Spearphishing Link)
- T1528 (Steal Application Access Token)
- T1059.001 (Command and Scripting Interpreter: PowerShell)
- T1547.001 (Boot or Logon Autostart Execution: Registry Run Keys)
**ACTION:**
Immediately revoke OAuth tokens for all government/diplomatic user accounts; force password reset and enable MFA enforcement. Block known TA416 C2 infrastructure at perimeter if available from threat intel feeds.
0
Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers
# SOC BRIEFING: Cookie-Controlled PHP Web Shells on Linux
**SUMMARY:**
Threat actors are deploying PHP web shells on Linux servers that use HTTP cookies as command control channels instead of URL parameters, evading traditional detection methods. This technique enables persistent remote code execution and is increasingly prevalent in the wild.
**TRIAGE:**
**High** — Immediate investigation priority. No active CVE exploitation, but represents an active attack pattern with direct RCE impact on Linux infrastructure.
**IOC HUNT:**
1. **Web Server Logs (Apache/Nginx):** Search for suspicious cookie values with encoded payloads or repeated cookie patterns across requests to .php files
   - Splunk: `sourcetype=access_combined *.php | stats count by cookie | where count > 10`
   - KQL: `WebServerLog | where Url contains ".php" | summarize by HttpCookie`
2. **Process Execution Logs:** Hunt for PHP spawning unexpected child processes (bash, sh, curl, wget)
   - Splunk: `process_name=php parent_process=* | search child_process IN (bash, sh, curl)`
3. **Cron Job Audits:** Review `/var/spool/cron/` and `/etc/cron.d/` for persistence mechanisms
   - `sourcetype=linux_audit type=execve exe=/usr/bin/crontab`
**MITRE:**
- T1190 — Exploit Public-Facing Application (Initial Access)
- T1505.004 — Server Software Component: Web Shell (Persistence)
- T1053.006 — Scheduled Task/Job: Cron (Persistence)
- T1059.004 — Command and Scripting Interpreter: Unix Shell (Execution)
**ACTION:**
Immediately audit all Linux web servers for unauthorized .php files and review web server logs for anomalous cookie patterns; cross-reference with cron job modifications in the past 30 days.
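The cookie hunt in item 1 above, as an added example that is not part of the original briefing or of Microsoft's report: it flags cookies on `.php` requests whose value is base64 that decodes to readable text, which separates encoded instructions from random session tokens. The log layout (combined format with the Cookie header as a final quoted field), the thresholds and all sample lines are assumptions constructed for illustration.

```python
import base64
import binascii
import re
from collections import defaultdict
from urllib.parse import unquote, urlsplit

# Assumed layout: combined log format plus the Cookie header as a last quoted field.
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<url>\S+) [^"]*" '
    r'\d{3} \S+ "[^"]*" "[^"]*" "(?P<cookie>[^"]*)"$'
)
B64_RE = re.compile(r"[A-Za-z0-9+/]+")
MIN_LEN = 24            # assumed threshold: shorter values are flags and preferences
PRINTABLE_RATIO = 0.9   # random tokens decode to binary; encoded text stays printable


def decoded_text(value):
    """Return the decoded text if value is base64 of mostly printable ASCII, else None."""
    raw = unquote(value).translate(str.maketrans("-_", "+/")).rstrip("=")
    if len(raw) < MIN_LEN or not B64_RE.fullmatch(raw):
        return None
    try:
        data = base64.b64decode(raw + "=" * (-len(raw) % 4), validate=True)
    except (binascii.Error, ValueError):
        return None
    printable = sum(32 <= b < 127 or b in (9, 10, 13) for b in data)
    if printable / len(data) < PRINTABLE_RATIO:
        return None
    return data.decode("ascii", errors="replace")


def hunt(lines):
    """Map (client ip, php path, cookie name) -> (hits, distinct encoded values)."""
    findings = defaultdict(lambda: {"hits": 0, "values": set()})
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue
        path = urlsplit(m["url"]).path
        if not path.lower().endswith(".php"):
            continue
        for pair in m["cookie"].split(";"):
            name, _, value = pair.strip().partition("=")
            if decoded_text(value) is not None:
                key = (m["ip"], path, name)
                findings[key]["hits"] += 1
                findings[key]["values"].add(value)
    return {k: (v["hits"], len(v["values"])) for k, v in findings.items()}


# --- Constructed sample data (not taken from any real incident) ---
PAYLOADS = [
    base64.b64encode(text).decode()
    for text in (
        b"constructed sample text 0001 (not a real command)",
        b"constructed sample text 0002 (not a real command)",
    )
]
SESSION = "9f86d081884c7d659a2feaa0c55ad015"  # random-looking session id


def _line(ip, url, cookie):
    return (f'{ip} - - [05/Apr/2026:10:00:00 +0000] "GET {url} HTTP/1.1" '
            f'200 512 "-" "Mozilla/5.0" "{cookie}"')


SAMPLE_LOG = [
    _line("198.51.100.10", "/index.php", f"PHPSESSID={SESSION}; theme=dark"),
    _line("203.0.113.7", "/uploads/cache.php", f"PHPSESSID={SESSION}; k={PAYLOADS[0]}"),
    _line("203.0.113.7", "/uploads/cache.php?x=1", f"k={PAYLOADS[0]}"),
    _line("203.0.113.7", "/uploads/cache.php", f"k={PAYLOADS[1]}"),
    _line("198.51.100.10", "/static/logo.png", "-"),
]

if __name__ == "__main__":
    for (ip, path, name), (hits, distinct) in hunt(SAMPLE_LOG).items():
        print(f"{ip} {path} cookie={name} hits={hits} distinct_values={distinct}")
```

Stock `access_combined` logs do not record the Cookie header, so this hunt only works where the web server's log format has been extended to include it.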
0
UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack
# SOC BRIEFING: UNC1069 Axios npm Supply Chain Attack
**SUMMARY:**
North Korean threat actors (UNC1069) compromised the Axios npm package maintainer through targeted social engineering, gaining potential access to a widely-used JavaScript library with millions of weekly downloads. This represents a critical supply chain risk affecting any organization using Axios in production environments.
**TRIAGE:**
**CRITICAL** — Immediate investigation required. Axios is a foundational dependency in countless applications; any malicious code injection could affect enterprise systems at scale.
**IOC HUNT:**
1. **npm Registry Logs:** Search for unusual package versions of `axios` published after the compromise date; compare checksums against known-good releases
2. **Dependency Audit:** Run `npm audit` and `npm ls axios` across all internal projects; flag any non-standard or intermediate versions
3. **Network/Proxy Logs:** Hunt for connections to suspicious npm registries or package mirrors; search for failed authentication attempts to npm accounts associated with maintainers
**MITRE:**
- T1195.001 — Supply Chain Compromise (Compromise Software Dependencies)
- T1566.002 — Phishing (Spearphishing Link)
- T1078 — Valid Accounts (Account Takeover)
**ACTION:**
1. **Immediate:** Audit all Axios versions in use; upgrade to the latest patched release from the official npm registry
2. **Within 24 hours:** Review npm account access logs for the maintainer; check for unauthorized package publishes or version modifications
3. **Ongoing:** Implement package pinning and integrity verification (lock files, hash validation) for critical dependencies
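One way to carry out the lock-file and hash checks listed above, as an added example that is not from the original briefing or the Axios project: it walks the `packages` map of a `package-lock.json` (lockfile version 2 or 3), reports every installed copy of `axios` including nested ones, and verifies a tarball against its recorded `sha512` integrity value. The lock file contents, version strings, the `example-sdk` package and the mirror host are constructed placeholders.

```python
import base64
import hashlib
import hmac

OFFICIAL_REGISTRY = "https://registry.npmjs.org/"


def sri_matches(data, integrity):
    """True if any sha512 token in an SRI integrity string matches the bytes."""
    expected = base64.b64encode(hashlib.sha512(data).digest()).decode()
    return any(
        hmac.compare_digest(token[len("sha512-"):], expected)
        for token in integrity.split()
        if token.startswith("sha512-")
    )


def audit_lock(lock, name="axios", registry=OFFICIAL_REGISTRY):
    """Return (lock path, version, problems) for every copy of `name` in the lock."""
    findings = []
    for path, meta in lock.get("packages", {}).items():
        # Match the top-level install and copies nested under other packages,
        # but not look-alike names such as axios-retry.
        if path != f"node_modules/{name}" and not path.endswith(f"/node_modules/{name}"):
            continue
        problems = []
        integrity = meta.get("integrity", "")
        if not integrity:
            problems.append("missing integrity")
        elif not any(t.startswith("sha512-") for t in integrity.split()):
            problems.append("no sha512 integrity")
        if not meta.get("resolved", "").startswith(registry):
            problems.append("resolved outside official registry")
        findings.append((path, meta.get("version"), problems))
    return findings


# --- Constructed sample data: placeholder versions, hosts and tarball bytes ---
GOOD_TARBALL = b"constructed stand-in for an axios tarball"
GOOD_SRI = "sha512-" + base64.b64encode(hashlib.sha512(GOOD_TARBALL).digest()).decode()

SAMPLE_LOCK = {
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "constructed-app", "version": "0.0.0"},
        "node_modules/axios": {
            "version": "0.0.0-sample.1",
            "resolved": OFFICIAL_REGISTRY + "axios/-/axios-0.0.0-sample.1.tgz",
            "integrity": GOOD_SRI,
        },
        "node_modules/axios-retry": {
            "version": "0.0.0-sample.9",
            "resolved": OFFICIAL_REGISTRY + "axios-retry/-/axios-retry-0.0.0-sample.9.tgz",
            "integrity": GOOD_SRI,
        },
        "node_modules/example-sdk/node_modules/axios": {
            "version": "0.0.0-sample.2",
            "resolved": "https://mirror.example.invalid/axios-0.0.0-sample.2.tgz",
            "integrity": "sha1-AAAAAAAAAAAAAAAAAAAAAAAAAAA=",
        },
    },
}

if __name__ == "__main__":
    for path, version, problems in audit_lock(SAMPLE_LOCK):
        print(f"{path} {version}: {', '.join(problems) or 'ok'}")
    print("tarball matches lock:", sri_matches(GOOD_TARBALL, GOOD_SRI))
```

Compare the versions this reports against the affected versions named in the vendor advisory; the script itself has no knowledge of which releases were compromised.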
0
Why Third-Party Risk Is the Biggest Gap in Your Clients' Security Posture
# SOC BRIEFING: Third-Party Risk Management Gap
**SUMMARY:**
Third-party vendors and SaaS tools represent a significant blind spot in most organizations' security posture and are increasingly leveraged as attack vectors. This threat requires immediate inventory and access control review across all external integrations and vendor relationships.
**TRIAGE:**
**High** — Not an active incident, but a critical control gap. Prioritize within 48 hours as part of supply chain risk assessment.
**IOC HUNT:**
1. **VPN/Network Access Logs** — Query for unusual vendor IP ranges or geographic anomalies: `source=network_logs vendor_access=true | stats dc(src_ip) by vendor_name`
2. **SaaS Activity Logs** — Identify unauthorized or unknown SaaS applications: `source=proxy OR source=cloud_logs | search "SaaS" | dedup app_name | table app_name, user_count, first_seen`
3. **Privileged Access Logs** — Hunt for vendor service accounts with excessive permissions: `source=auth_logs account_type=service_account | search vendor | stats sum(login_count) AS login_count, sum(failed_logins) AS failed_logins by account`
**MITRE:**
- **T1199** — Trusted Relationship (supply chain compromise)
- **T1566** — Phishing (via vendor email compromise)
- **T1021** — Remote Services (vendor VPN/API access)
**ACTION:**
Conduct immediate inventory of all active third-party integrations and SaaS applications. Document vendor access levels, data exposure, and last security assessment date. Flag any vendor without current SOC 2 or equivalent certification for immediate review.
0
New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images
# THREAT BRIEFING: SparkCat Mobile Malware Variant
**SUMMARY:**
A new SparkCat malware variant has been identified in legitimate-appearing apps on Apple App Store and Google Play Store, targeting mobile users by stealing cryptocurrency wallet recovery phrases. This represents a direct threat to users storing sensitive financial assets on mobile devices and indicates successful evasion of app store security controls.
**TRIAGE:**
**HIGH** — Immediate investigation priority. While no CVEs or active exploitation metrics are assigned, the malware's presence on official app stores and focus on high-value crypto assets warrant urgent containment. Escalate if any internal users have installed flagged apps.
**IOC HUNT:**
1. **Mobile Device Management (MDM) logs** — Query for app installations matching known SparkCat delivery apps (enterprise messengers, food delivery services); cross-reference against user device inventory.
2. **Network egress logs** — Hunt for unusual outbound connections from mobile devices to known C2 infrastructure; filter for image exfiltration patterns (wallet recovery phrase screenshots).
3. **Endpoint Detection & Response (EDR)** — Search for screenshot capture events, clipboard access, or camera permissions triggered by non-camera apps on enrolled mobile devices.
**MITRE:**
- T1005 — Data from Local System
- T1113 — Screen Capture
- T1056.004 — Clipboard Data
- T1204.001 — Malicious Link (social engineering via app store)
**ACTION:**
Issue immediate user alert to uninstall any recently installed enterprise messenger or food delivery apps not officially sanctioned by IT. Cross-reference app store URLs with security vendor threat feeds to identify specific flagged app names for blocklist distribution.