Recorded Future’s Insikt Group identified a suspected cyber-espionage campaign by TAG-100, targeting global government and private sector organizations. TAG-100 exploited internet-facing devices and used open-source tools like the Go backdoor Pantegana. The campaign compromised two Asia-Pacific intergovernmental organizations and targeted multiple diplomatic and trade entities.
- TAG-100 Uses Open-Source Tools in Suspected Global Espionage Campaign, Compromising Two Asia-Pacific Intergovernmenta
Activity Summary - Week Ending on 30 December 2021:
- Red Sky Alliance identified 18,056 connections from new IPs checking in with our Sinkholes
- 77-88-9-11.spider.yandex.com
- Analysts identified 4,095 new IP addresses participating in various Botnets
- Chaos in Japan
- SonicWall
- An Albania Hit, Again
- Five Eyes on Log4j
- Chinese Propaganda in Full Force
- Ireland is getting Serious
- Healthcare at Risk, Still
- Free Peltier
Link to full report: IR-21-364-001_weekly364.pdf
Activity Summary - Week Ending 12 March 2021:
- Super Keylogger being used as a Lure – ‘Super.Keylogee’
- Red Sky Alliance identified 29,347 connections from new unique IP Addresses
- Analysts identified 1,199 new IP addresses participating in various Botnets
- Sality still reigns as our #1 Malware Variant
- IcedID
- Baby Elephants are Cute, but…
- Qualys and Accellion FTA
- SonicWall hacking
- FireEye Attack
- Myanmar, China and Russia curtailing social media, No Surprise
Link to full report: IR-21-071-001_wee