OTX Bot<p>Cyber Attacks on Government Agencies: Detect and Investigate</p><p>This analysis examines cyber threats targeting government institutions worldwide, focusing on three case studies: a phishing email targeting the South Carolina Department of Employment and Workforce, a fraudulent domain mimicking the U.S. Social Security Administration, and a malicious PDF posing as a South African Judiciary notice. The study demonstrates how ANY.RUN's solutions, including Threat Intelligence Lookup, Interactive Sandbox, and YARA Search, can be utilized to detect, analyze, and mitigate these threats. Key findings include the use of FormBook stealer, remote access tools, and credential harvesting techniques. The analysis provides actionable insights for government cybersecurity teams to enhance their defensive strategies and response capabilities.</p><p>Pulse ID: 68409d6271a2178e01aa5e79<br>Pulse Link: <a href="https://otx.alienvault.com/pulse/68409d6271a2178e01aa5e79" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">otx.alienvault.com/pulse/68409</span><span class="invisible">d6271a2178e01aa5e79</span></a> <br>Pulse Author: AlienVault<br>Created: 2025-06-04 19:24:18</p><p>Be advised, this data is unverified and should be considered preliminary. Always do further verification.</p><p><a href="https://social.raytec.co/tags/ANYRUN" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ANYRUN</span></a> <a href="https://social.raytec.co/tags/Africa" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Africa</span></a> <a href="https://social.raytec.co/tags/CredentialHarvesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CredentialHarvesting</span></a> <a href="https://social.raytec.co/tags/CyberAttack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberAttack</span></a> <a href="https://social.raytec.co/tags/CyberAttacks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberAttacks</span></a> <a href="https://social.raytec.co/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://social.raytec.co/tags/Email" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Email</span></a> <a href="https://social.raytec.co/tags/FormBook" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FormBook</span></a> <a href="https://social.raytec.co/tags/Government" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Government</span></a> <a href="https://social.raytec.co/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> <a href="https://social.raytec.co/tags/Mimic" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Mimic</span></a> <a href="https://social.raytec.co/tags/OTX" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OTX</span></a> <a href="https://social.raytec.co/tags/OpenThreatExchange" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenThreatExchange</span></a> <a href="https://social.raytec.co/tags/PDF" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PDF</span></a> <a href="https://social.raytec.co/tags/Phishing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Phishing</span></a> <a href="https://social.raytec.co/tags/RAT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RAT</span></a> <a href="https://social.raytec.co/tags/RCE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RCE</span></a> <a href="https://social.raytec.co/tags/bot" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>bot</span></a> <a href="https://social.raytec.co/tags/AlienVault" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AlienVault</span></a></p>