ir-22-126-001 (2)

10469266899?profile=RESIZE_400xAn elusive and sophisticated cyberespionage campaign orchestrated by the China-backed Winnti group has managed evade detection since at least 2019.  Named by investigators "Operation CuckooBees,” the massive intellectual property theft operation enabled the threat actor to exfiltrate hundreds of gigabytes of information.  Targets included technology and manufacturing companies primarily located in East Asia, Western Europe, and North America.  "The attackers targeted intellectual property develo

10468875068?profile=RESIZE_400xActivity Summary - Week Ending on 6 May 2022:

  • Red Sky Alliance identified 43,915 connections from new IP’s checking in with our Sinkholes
  • still #1 in Hits
  • Analysts identified 1,442 new IP addresses participating in various Botnets
  • CVSS
  • Using Emulation
  • BotenaGo Variant
  • PyInstaller
  • Inmarsat
  • 5 Constant Malware Issues

Link to full report: IR-22-126-001_weekly126.pdf