Activity Summary - Week Ending on 17 October 2025
- Red Sky identified 5,541 connections from ‘new’ and unique, compromised IP addresses
- VMHeaven in the Germany hit 386x
- CISA Alert – Lessons Learned from an Incident Response Engagement
- CVE-2024-36401
- CTAC – Malicious E-Mails IOCs
- Distributed Energy and Industrial Microgrids
- FunkSec, NightSpire, Kairos, Weyhro, Apos, Morpheus, CiphBit, Skira, CrazyHunter, Hellcat, Van Helsing, and Ralord
- Paper and Pencil back-ups
- Targeteer – VOLTZITE & KAMACITE
Link to full report: IR-25-291-001_weekly291.pdf
