Wednesday, August 16, 2017

Indian Physical Security Company Compromise

TLP AMBER ANNOUNCEMENT: 

On 15 July 2017, Wapack Labs identified, with high confidence, four keylogged email accounts identified as compromised, including username and password, belonging to an Indian physical security company. These email accounts were used to harvest information from multiple internal systems and external portals. Both the sales and customer relationship management systems may have been compromised. Since many of the keylogger infections have spread through automation, there is a potential for compromise within customer, partner, and supply chain relationships...READ MORE

Wapack Labs has cataloged and reported extensively on keyloggers in the past. An archive of related reporting can be found in the Red Sky Alliance portal.
This TLP AMBER report is available only to Red Sky Alliance members.