WaterISAC entered over 220 indicators of compromise regarding recent open source reporting. Perch users subscribed to the WaterISAC Community will be able to detect the following within their environment:

• DanaBot (updated) - banking trojan - https://www.welivesecurity.com/2018/09/21/danabot-targeting-europe-adds-new-features/
• Roaming Mantis - https://securelist.com/roaming-mantis-part-3/88071/ 
• Kingdom Operator/Pegasus spyware - https://citizenlab.ca/2018/10/the-kingdom-came-to-canada-how-saudi-linked-digital-espionage-reached-canadian-soil/
• New CVE-2018-8373 Exploit using SafeMode - https://blog.trendmicro.com/trendlabs-security-intelligence/new-cve-2018-8373-exploit-spotted/
• (Updated) New NOKKI activity (tied to Reaper threat group and DOGCALL malware) - https://researchcenter.paloaltonetworks.com/2018/10/unit42-nokki-almost-ties-the-knot-with-dogcall-reaper-group-uses-new-malware-to-deploy-rat/
• NOKKI (New KONNI variant) - https://researchcenter.paloaltonetworks.com/2018/09/unit42-new-konni-malware-attacking-eurasia-southeast-asia/ 
• GhostDNS DNS hijacking trojan - https://blog.netlab.360.com/70-different-types-of-home-routers-all-together-100000-are-being-hijacked-by-ghostdns-en/
• Torii IoT botnet - https://blog.avast.com/new-torii-botnet-threat-research