X-Industry

canada (5)

MOVEit and Schools

12233589864?profile=RESIZE_400xThe National Student Clearinghouse (NSC) reported that nearly 900 colleges and universities across the US had data stolen during attacks by a Russia-based ransomware gang exploiting the popular MOVEit file-sharing tool.  The nonprofit manages educational reporting, data exchange, verification, and research services for 3,600 colleges and universities as well as 22,000 high schools.

In June of this year, the organization first confirmed that it was affected by exploitation of the tool, which was

Balloons, Buoys and the Yellow Submarine

10972510291?profile=RESIZE_400xThe Canadian military has discovered Chinese spy buoys in the Arctic which allegedly are monitoring US submarines and melting ice sheets.  Such "activity is not new,” Canadian defense minister said in recent televised remarks, implying that China has been engaging in surveillance efforts in the region for some time.[1]  Russia has long sought an Arctic trade route to create shorter vessel travel to Europe.  Seems the Chinese may have the same idea, and oh; spy on its adversaries.

Officials descr

Don't Mess with my Booze

10948566071?profile=RESIZE_400xOn 12 January, Canadian alcohol retail giant LCBO announced that an “unauthorized party embedded malicious code” onto its website in order to steal information from customers in the process of checking out.  Over five days in January, they wrote, customers “may have had their information compromised.”  In fact, the infection was one of several to target LCBO customers in the last month, including an attack that lasted for more than a week that the company has not publicly acknowledged.

Researche

Weekly Cyber Intel Report - All Sector 10 21 2022

10846789675?profile=RESIZE_400xActivity Summary - Week Ending on 21 October 2022:

  • Red Sky Alliance identified 32,517 connections from new IP’s checking in with our Sinkholes
  • NoVa hit 17x
  • Analysts identified 1,515 new IP addresses participating in various Botnets
  • “Alchimist” Attack
  • REvil
  • Good News from Brazil
  • Khan Academy
  • Vinomofo
  • Japanese Crypto Funds
  • Oh Canada

Link to full report: IR-22-295-001_weekly295.pdf

Weekly Cyber Intel Report - All Sector 01 28 2022

10053400461?profile=RESIZE_400xActivity Summary - Week Ending on 28 January 2022:

  • Red Sky Alliance identified 21,120 connections from new IP’s checking in with our Sinkholes
  • Intern LLC in Moscow hit
  • Analysts identified 5,665 new IP addresses participating in various Botnets
  • AvosLocker Ransomware
  • Wormable Windows Vulnerability
  • Nmap
  • Belarus Trains hit
  • Canada mad at Russia
  • QR Code Confusion
  • 22% Gone Phishing
  • Vessel Impersonation

 

Link to full report: IR-22-028-001_weekly028.pdf