Security Intelligence

JexBoss Exploit Scan

Summary

Wapack Labs observed multiple attempts to exploit JBoss Application Servers using the JexBoss Exploit Tool staring in November of 2018.  Research into these incidents shows most of these scans originate in China.  In addition to scanning for JBoss, the scans attempt to exploit Tomcat management pages, PHP Weathermap, Microsoft Windows Server 2003 and Apache Hadoop YARN Resource Manager.  Wapack Labs provides details on Jexboss, the IP’s used to scan for…

Read more…

Virtual Chief Trust Officer (vCTO) Program

In a recent blog by Nitzan Daube, CTO of NanoLock¸ he provides an explanation regarding the importance of security focus on both IT hardware, physical security and cyber security consequences.  Wapack Labs agrees whole heartedly, and is providing solutions.

Wapack Labs participated in a recent lecture at the October 2018 ASIS Conference, held in Las Vegas NV.  Our joint lecture specifically addressed hardware compromise, adherence to physical security and the psychology of…

Read more…

Blockchain for the Supply Chain

The Air Force Institute of Technology[1] (AFIT) has releases free “Blockchain for Supply Chain” tools for supply chain professionals to learn about and use the power of block chain technology.  AFIT recently published a live blockchain application that can be accessed from any computer or smart phone, along with a complementary series of tutorial videos that presents blockchain simulation.  These videos can be used as a stand-alone…

Read more…

Cyber security professionals often get focused on dangers which appear inside their networks or within company messages, sometimes overlooking physical threats.  Laptops and devices routinely leave the confines of network cyber security parameters.  In this circumstance, a hacker can easily get physically next to a vulnerable laptop, which may permit firewall rules and DNS Security inoperable to a bad guy hacking into “your” laptop.…

Read more…

Maritime Weekly Watchlist; 16 October 2018

Wapack Labs Weekly Maritime Watchlist, which is derived from a list of key words relating to the Maritime Transportation Sector.  The malicious indicators are pulled from our malicious emails index for the past week.  The email indicators provided contain malicious attachments that have a maritime nexus.  Included are a number of fields including sending domains, sender email addresses, sending IP addresses, malicious email subject lines, and more.  Below is a sampling of the 735 indicators.  

Contact the Wapack Labs for more information and support: 844-492-7225, or feedback@wapacklabs.com

20181016_maritime_watchlist.csv

first_seen

indicator

indicator_context

10/5/2018

***TOP URGENT*** MV MERCURY PORT AGENCY APPOINTMENT

subject_line

10/8/2018

MV Vectis Osprey / Douala / PDA request & agency appointment

subject_line

10/11/2018

(PN:13494831)MV KAVALA SEAS // OWNERS MATTERS P DA

subject_line

10/11/2018

Re: MV BOMAR RESILIENT Reefer Failure CGMU4953702 (CMA) TR 253

subject_line

10/9/2018

Subject; : VSL: MV EURO GOLD, ORDER- AA2504<BR>

subject_line

10/5/2018

URGENT TELEX RELEASE - RE Shipment Bill of lading 20170000112

subject_line

10/5/2018

[EXT] Customer Advisory - Original B/L and Shipping Docs

subject_line

10/6/2018

Customer Advisory - Original B/L and Shipping Docs

subject_line

10/5/2018

OVERDUE INVOICE

subject_line

10/6/2018

Kreditorenbuchhaltung / Rechnungsregulieurng

subject_line

10/5/2018

Conta Vivo 908258679

subject_line

10/6/2018

BINTULU PORT - MALAYSIA - FOOD PROVISION AND STORE SUPPLY INQUIRY

subject_line

You need to be a member of Red Sky Alliance to add comments!

Join Red Sky Alliance