lapsus$ (5)

Phishing, the theft of users' credentials or sensitive data using social engineering, has been a significant threat since the early days of the internet and continues to plague organizations, accounting for more than 30% of all known breaches. With the ongoing trend to remote working during and post pandemic, hackers have increased their efforts to steal login credentials as they take advantage of the chaos and lack of in-person user verification.

This has led to the revival of the old-school te

Activity Summary - Week Ending on 21 October 2022:

  • Red Sky Alliance identified 32,517 connections from new IPs checking in with our Sinkholes
  • NoVa hit 17x
  • Analysts identified 1,515 new IP addresses participating in various Botnets
  • “Alchimist” Attack
  • REvil
  • Good News from Brazil
  • Khan Academy
  • Vinomofo
  • Japanese Crypto Funds
  • Oh Canada

Link to full report: IR-22-295-001_weekly295.pdf

So, I just got back from a trip to Georgia, the one in the US. I used Uber three times. Convenient, clean, hassle-free and the drivers were very nice. An overall great experience. Until… Uber has reported this past weekend it is investigating a major cyber security breach that has forced it to take several critical systems offline following an alleged social engineering attack on an employee by an apparent teenage hacktivist.

The incident was exposed last week on 15 September, when an indiv

Activity Summary - Week Ending on 29 April 2022:

  • Red Sky Alliance identified 10,907 connections from new IPs checking in with our Sinkholes
  • msk.ru has issues
  • Analysts identified 3,698 new IP addresses participating in various Botnets
  • Vice & Industrial Spy
  • US Agriculture under Attack
  • T-Mobile Hit (again)
  • Oil India LTD
  • Getting Annoyed?
  • Lapsus$

Link to full report: IR-22-119-001_weekly119.pdf

Activity Summary - Week Ending on 7 January 2022:

  • Red Sky Alliance identified 25,112 connections from new IPs checking in with our Sinkholes
  • 227.12[.]174 x 182
  • Analysts identified 1,148 new IP addresses participating in various Botnets
  • (5) Ransomware Attack Techniques
  • CVE-2021-42278 and CVE-2021-42287
  • Lapsus$
  • Omicron Scams
  • ONUS Attacked by a Log4j Version
  • Insider Threats
  • Walmart, Part II
  • Sunrise Movement

Link to full report: IR-22-007-001_weekly007.pdf