log4j (4)

10012032279?profile=RESIZE_400xActivity Summary - Week Ending on 14 January 2022:

  • Red Sky Alliance identified 24,345 connections from new IP’s checking in with our Sinkholes
  • Microsoft IP’s in UK and N. Ireland hit
  • Analysts identified 1,435 new IP addresses participating in various Botnets
  • Rook Ransomware
  • More Log4j
  • Ukraine Cyber Bust
  • UK NHS
  • Who’s Winning?
  • Google Docs
  • The Electric Grid’s Hot Wires
  • BLM suing LAPD

Link to full report: IR-22-014-001_weekly014.pdf

10006159689?profile=RESIZE_400xONUS, the Vietnamese crypto trading platform, recently experienced an attack stemming from the Log4j vulnerability (CVE-2021-44228).[1] ONUS allows users to trade crypto currencies through their app which is available for iOS and Android. The organization has grown significantly in the past 18 months since the app’s launch in March of 2020, with a large portion of users in Vietnam, Nigeria, and the Philippines.[2]

Financial organizations and crypto platforms in particular are juicy targets for a

9936355054?profile=RESIZE_400xActivity Summary - Week Ending on 22 December 2021:

  • Red Sky Alliance identified 30,069 connections from new IP’s checking in with our Sinkholes
  • dauction.ru Still has Issues after 4 weeks !
  • Analysts identified 5,039 new IP addresses participating in various Botnets
  • Log4j Vulnerability
  • BlackCat
  • AgentTesla Additions
  • Iran Hackers
  • Cyber and Medical Devices
  • Attacking K-12 School Apps
  • Cyber Port Protection
  • Finite Recruitment

Link to full report: IR-21-356-001_weekly356.pdf

9920277461?profile=RESIZE_400xActivity Summary - Week Ending on 17 December 2021:

  • Red Sky Alliance identified 39,374 connections from new IP’s checking in with our Sinkholes
  • ru Still has Issues after 3 weeks
  • Analysts identified 4,459 new IP addresses participating in various Botnets
  • Zoho ManageEngine
  • Manga
  • Log4j
  • Ransomware bad actor arrested in Romania
  • Volvo Snatched
  • AgentTesla
  • Cyber Attacks are a National Security Concern
  • Kronos Attack

Link to full report: IR-21-351-001_weekly351.pdf